I've created a comprehensive Postman testing package for your Multi-User Blogging Platform API with 68 endpoints across 7 categories.
Your starting point - Quick setup guide
- 5-minute quick start workflow
- Step-by-step import instructions
- Essential endpoints to create first
- Troubleshooting guide
Complete API documentation - All 68 endpoints with:
- HTTP method, URL, headers
- Request body examples (JSON)
- Response format examples
- Query parameters explained
- Authentication requirements
- Organized by category
Comprehensive testing guide with:
- Complete authentication flow
- Testing scenarios (Blog workflow, Content discovery, etc.)
- Environment variables explained
- Collection structure recommendations
- Role-based access control guide
- Common query parameters
- Advanced Postman tips
Ready-to-import Postman environment with:
base_url: http://localhost:8080/api/v1token: Auto-saved JWT tokenuser_id,username: Auto-saved user data- Additional variables for IDs
| Category | Count | Description |
|---|---|---|
| Authentication | 12 | Register, login, email verification, password management, role management |
| Posts | 14 | Full CRUD, search, pagination, like/unlike, stats, popular/recent |
| Comments | 12 | Create, reply, nested comments, CRUD, stats, recent |
| Categories | 7 | Full CRUD, get posts by category, slug-based access |
| Tags | 9 | Full CRUD, popular tags, search, get posts by tag |
| Media | 5 | Image/file upload, serve files, delete media |
| Contact | 1 | Contact form submission |
| Testing | 4 | Development helpers (remove in production) |
Postman → Environments → Import → Select:
Multi-User-Blog-API.postman_environment.jsonPOST {{base_url}}/auth/login
Body:
{
"email": "your@email.com",
"password": "YourPassword123!"
}
Tests Tab (Auto-save token):
if (pm.response.code === 200) {
pm.environment.set("token", pm.response.json().token);
}
POST {{base_url}}/posts
Headers:
Authorization: Bearer {{token}}
Body: (see API_ENDPOINTS_REFERENCE.md)
- POST
/auth/register- Register new user - POST
/auth/login- Login (auto-saves token) - GET
/auth/verify-email- Verify email address - POST
/auth/resend-verification- Resend verification email - POST
/auth/logout- Logout user - POST
/auth/forgot-password- Request password reset - POST
/auth/reset-password- Reset password with token - POST
/auth/change-password- Change password (authenticated) - GET
/auth/profile- Get user profile - POST
/auth/request-role-upgrade- Request role upgrade - POST
/auth/admin/change-user-role- Change user role (Admin) - GET
/auth/admin/users- Get all users (Admin)
- POST
/posts- Create post - GET
/posts- Get all published posts (paginated) - GET
/posts/all- Get all posts including drafts (Admin) - GET
/posts/my-posts- Get my posts - GET
/posts/author/{username}- Get posts by author - GET
/posts/{id}- Get post by ID - GET
/posts/slug/{slug}- Get post by slug - PUT
/posts/{id}- Update post - DELETE
/posts/{id}- Delete post - POST
/posts/{id}/like- Like/unlike post - GET
/posts/search- Search posts - GET
/posts/popular- Get popular posts - GET
/posts/recent- Get recent posts - GET
/posts/stats- Get post statistics
- POST
/comments/post/{postId}- Create comment - POST
/comments/post/{postId}(with parentId) - Reply to comment - GET
/comments/post/{postId}- Get comments (paginated) - GET
/comments/post/{postId}/all- Get all comments (nested) - GET
/comments/{id}- Get comment by ID - PUT
/comments/{id}- Update comment - DELETE
/comments/{id}- Delete comment - GET
/comments/user/{username}- Get comments by user - GET
/comments/my-comments- Get my comments - GET
/comments/recent- Get recent comments - GET
/comments/post/{postId}/count- Get comment count - GET
/comments/stats- Get comment statistics
- GET
/categories- Get all categories - GET
/categories/{id}- Get category by ID - GET
/categories/slug/{slug}- Get category by slug - GET
/categories/{id}/posts- Get posts by category - POST
/categories- Create category - PUT
/categories/{id}- Update category - DELETE
/categories/{id}- Delete category
- GET
/tags- Get all tags - GET
/tags/popular- Get popular tags - GET
/tags/{id}- Get tag by ID - GET
/tags/slug/{slug}- Get tag by slug - GET
/tags/{id}/posts- Get posts by tag - GET
/tags/search- Search tags - POST
/tags- Create tag - PUT
/tags/{id}- Update tag - DELETE
/tags/{id}- Delete tag
- POST
/media/upload/image- Upload image (10MB max) - POST
/media/upload/file- Upload file (10MB max) - GET
/media/images/{filename}- Get image - GET
/media/files/{filename}- Get file - DELETE
/media/{type}/{filename}- Delete media
- POST
/contact- Submit contact form
- GET
/auth/get-verification-token- Get verification token (testing) - GET
/auth/get-reset-token- Get reset token (testing) - DELETE
/auth/clear-all-users- Clear all users (testing) - GET
/auth/test- Test controller connectivity
- Login returns JWT token
- Token is auto-saved to environment (with script)
- Use
{{token}}in Authorization header:Bearer {{token}} - Token required for all protected endpoints
- SUBSCRIBER - Read-only, comment/like
- CONTRIBUTOR - Create drafts
- AUTHOR - Create & publish own posts
- EDITOR - Edit all posts, moderate comments
- ADMIN - Full access, user management
- SUPER_ADMIN - Complete system control
- Register user (starts as SUBSCRIBER)
- Admin upgrades role via
/auth/admin/change-user-role - Test endpoint permissions with different roles
{
"success": true,
"message": "Operation successful",
"data": { /* ... */ }
}{
"success": false,
"message": "Operation failed",
"error": "Detailed error message"
}{
"success": true,
"data": {
"content": [ /* items */ ],
"totalElements": 50,
"totalPages": 5,
"number": 0,
"size": 10,
"first": true,
"last": false
}
}- Register → Verify → Login → Get Profile
- Change Password
- Test Forgot/Reset Password flow
- Upload cover image
- Create categories and tags
- Create posts (draft & published)
- Update and delete posts
- Like/unlike posts
- Add comments
- Reply to comments (nested)
- Edit/delete comments
- Search posts
- Get popular/recent posts
- Browse by category
- Browse by tag
- Filter by author
- Get all posts (including drafts)
- Manage user roles
- View all users
- Test role-based access control
-
Authorization:
- Type: Bearer Token
- Token:
{{token}} - All requests inherit automatically
-
Pre-request Script:
// Check token exists
if (!pm.environment.get("token") && pm.request.auth) {
console.warn("⚠️ No token found. Login required.");
}- Tests (Global):
// Log response time
console.log("Response time:", pm.response.responseTime + "ms");
// Check success
pm.test("Status is 200", function () {
pm.response.to.have.status(200);
});- Import environment JSON ✅
- Open
API_ENDPOINTS_REFERENCE.md - Create requests in Postman using the reference
- Start with essentials (login, create post, etc.)
- Add more as needed
- Use the endpoint details to generate collection JSON
- Or use Postman's Collection API
- Or use a script to convert markdown to JSON
Create these 10 endpoints first:
- ✅ POST
/auth/register - ✅ GET
/auth/get-verification-token(testing) - ✅ GET
/auth/verify-email - ✅ POST
/auth/login(with auto-save script!) - ✅ GET
/auth/profile - ✅ POST
/posts - ✅ GET
/posts - ✅ POST
/posts/{id}/like - ✅ POST
/comments/post/{postId} - ✅ POST
/media/upload/image
Suggested structure:
Multi-User Blog API/
├── 🔐 Authentication/ (12 requests)
├── 📝 Posts/ (14 requests)
├── 💬 Comments/ (12 requests)
├── 📁 Categories/ (7 requests)
├── 🏷️ Tags/ (9 requests)
├── 📷 Media/ (5 requests)
├── 📧 Contact/ (1 request)
└── 🧪 Testing/ (4 requests - dev only)
- POSTMAN_QUICK_START.md - Start here (5-minute setup)
- API_ENDPOINTS_REFERENCE.md - Reference all 68 endpoints
- POSTMAN_API_TESTING_GUIDE.md - Deep dive guide
- Multi-User-Blog-API.postman_environment.json - Import this first
- ✅ 68 endpoints fully documented
- ✅ Environment file ready to import
- ✅ Auto-save JWT token after login
- ✅ Complete request/response examples
- ✅ Role-based access control documented
- ✅ Pagination explained for all list endpoints
- ✅ File upload endpoints with form-data examples
- ✅ Testing scenarios for complete workflows
- ✅ Error handling documented
- ✅ Development helpers for easy testing
| Issue | Solution |
|---|---|
| Token not saving | Add auto-save script to Login request Tests tab |
| 401 errors | Login first, check token in environment |
| 403 errors | Check user role, may need upgrade |
| Backend offline | Start: cd backend && ./mvnw spring-boot:run |
| File upload fails | Use form-data, key="file", max 10MB |
| Pagination not working | Check params: page (0-indexed), size (1-100) |
- Collection-level authorization
- Pre-request scripts for token refresh
- Test scripts for assertions
- Environment variable usage
- Bulk testing with Collection Runner
- Request chaining
- Dynamic variables
- Response assertions
- Import the environment file
- Read POSTMAN_QUICK_START.md
- Create essential endpoints (login, create post, etc.)
- Test authentication flow
- Expand collection using API_ENDPOINTS_REFERENCE.md
- Organize into folders
- Share with your team
- Quick Start: POSTMAN_QUICK_START.md
- API Reference: API_ENDPOINTS_REFERENCE.md
- Testing Guide: POSTMAN_API_TESTING_GUIDE.md
- Environment: Multi-User-Blog-API.postman_environment.json
- All 68 endpoints documented
- Request/response examples provided
- Authentication flow explained
- Environment file created
- Quick start guide written
- Comprehensive testing guide created
- Role-based access documented
- Pagination explained
- File upload documented
- Error handling covered
- Testing scenarios provided
- Troubleshooting guide included
Everything is ready for comprehensive API testing! 🎉
Start with POSTMAN_QUICK_START.md for the fastest setup.
Generated: October 2025
Platform: Multi-User Blogging Platform API v1.0
Total Endpoints: 68
Categories: Authentication, Posts, Comments, Categories, Tags, Media, Contact