Time to build a real Postman collection. Not 3 random requests. A complete, organized collection with folders, environment variables, and chained requests. We will use ReqRes.in because it has authentication endpoints — something JSONPlaceholder lacks.
ReqRes.in Full Test Suite
├── Setup
│ └── Health Check (GET /api/users?page=1)
├── Authentication
│ ├── Register — Successful (POST /api/register)
│ ├── Register — Missing Password (POST /api/register)
│ ├── Login — Successful (POST /api/login)
│ ├── Login — Missing Password (POST /api/login)
│ └── Login — Wrong Email (POST /api/login)
├── Users — CRUD
│ ├── Get Users Page 1 (GET /api/users?page=1)
│ ├── Get Users Page 2 (GET /api/users?page=2)
│ ├── Get Single User (GET /api/users/2)
│ ├── Get Non-Existent User (GET /api/users/999)
│ ├── Create User (POST /api/users)
│ ├── Update User — Full (PUT /api/users/2)
│ ├── Update User — Partial (PATCH /api/users/2)
│ └── Delete User (DELETE /api/users/2)
├── Edge Cases
│ ├── Get User ID = 0 (GET /api/users/0)
│ ├── Delayed Response (GET /api/users?delay=3)
│ └── Create User — Empty Body (POST /api/users)
└── Resource Endpoints
├── List Resources (GET /api/unknown)
└── Single Resource (GET /api/unknown/2)Create an environment called "ReqRes Dev" with these variables. Every request uses {{baseUrl}} instead of the hardcoded URL.
| Variable | Initial Value | Description |
|---|---|---|
| baseUrl | https://reqres.in | Base URL for all requests |
| userId | 2 | Default user ID for single-user requests |
| authToken | Populated after successful login | |
| createdUserId | Populated after creating a user | |
| testEmail | eve.holt@reqres.in | Valid email for auth tests |
| testPassword | pistol | Valid password for auth tests |
Let me show you the key requests. Not screenshots — actual request configs you can replicate exactly.
{
"email": "{{testEmail}}",
"password": "{{testPassword}}"
}Expected response (200):
{
"id": 4,
"token": "QpwL5tke4Pnpja7X4"
}{
"email": "{{testEmail}}",
"password": "{{testPassword}}"
}In the Tests tab of this request, save the token for later requests:
const response = pm.response.json();
pm.test("Login returns 200", function() {
pm.response.to.have.status(200);
});
pm.test("Token is present", function() {
pm.expect(response.token).to.be.a("string");
pm.expect(response.token.length).to.be.greaterThan(0);
});
// Save token for subsequent requests
pm.environment.set("authToken", response.token);{
"name": "Rahul Sharma",
"job": "QA Engineer"
}const response = pm.response.json();
pm.test("Create user returns 201", function() {
pm.response.to.have.status(201);
});
pm.test("Name matches input", function() {
pm.expect(response.name).to.eql("Rahul Sharma");
});
pm.test("Job matches input", function() {
pm.expect(response.job).to.eql("QA Engineer");
});
pm.test("ID is generated", function() {
pm.expect(response.id).to.exist;
});
pm.test("createdAt is present", function() {
pm.expect(response.createdAt).to.exist;
});
// Save for chained requests
pm.environment.set("createdUserId", response.id);const response = pm.response.json();
pm.test("Status is 200", function() {
pm.response.to.have.status(200);
});
pm.test("Page number is 1", function() {
pm.expect(response.page).to.eql(1);
});
pm.test("Per page is 6", function() {
pm.expect(response.per_page).to.eql(6);
});
pm.test("Total users is 12", function() {
pm.expect(response.total).to.eql(12);
});
pm.test("Data array has 6 users", function() {
pm.expect(response.data).to.have.lengthOf(6);
});
pm.test("Each user has required fields", function() {
response.data.forEach(user => {
pm.expect(user.id).to.be.a("number");
pm.expect(user.email).to.include("@");
pm.expect(user.first_name).to.be.a("string");
pm.expect(user.last_name).to.be.a("string");
pm.expect(user.avatar).to.include("https://");
});
});Notice the chaining pattern. Login saves the token. Create user saves the ID. Later requests use these saved values. This is how you test flows — login, then create, then update, then delete. Each step feeds the next.
ReqRes.in only accepts specific emails for register/login. Use eve.holt@reqres.in with password "pistol". Other emails will return 400. This is by design — it simulates a real auth system with known test accounts.
Key Point: Build a complete Postman collection with folders for Auth, CRUD, and Edge Cases. Use environment variables for baseUrl and chained values. Every request should have test assertions.