Skip to main content
Here are sample YAML files showing common API request patterns.

GET Request

info:
  name: Get User
  type: http
  seq: 1

http:
  method: GET
  url: https://api.github.com/users/usebruno

settings:
  encodeUrl: true

GET with Headers

info:
  name: Get with Headers
  type: http
  seq: 2

http:
  method: GET
  url: https://api.example.com/data
  headers:
    - name: Content-Type
      value: application/json
    - name: Authorization
      value: Bearer topsecret

settings:
  encodeUrl: true

GET with Query Parameters

info:
  name: Search Users
  type: http
  seq: 3

http:
  method: GET
  url: https://api.example.com/users?filter=active&limit=10&page=1
  params:
    - name: filter
      value: active
      type: query
    - name: limit
      value: "10"
      type: query
    - name: page
      value: "1"
      type: query

settings:
  encodeUrl: true
  timeout: 0
  followRedirects: true
  maxRedirects: 5

GET with Path Parameters

info:
  name: Get User by ID
  type: http
  seq: 4

http:
  method: GET
  url: https://api.example.com/users/:id
  params:
    - name: id
      value: ""
      type: path

settings:
  encodeUrl: true
  timeout: 0
  followRedirects: true
  maxRedirects: 5

POST with JSON Body

info:
  name: Create User
  type: http
  seq: 5

http:
  method: POST
  url: https://api.example.com/users
  body:
    type: json
    data: |-
      {
        "name": "John Doe",
        "email": "john@example.com"
      }

settings:
  encodeUrl: true

POST with Form Data

info:
  name: Upload Form
  type: http
  seq: 6

http:
  method: POST
  url: https://api.example.com/submit
  body:
    type: form-urlencoded
    data:
      - name: username
        value: johndoe
      - name: password
        value: secret123

settings:
  encodeUrl: true
  timeout: 0
  followRedirects: true
  maxRedirects: 5

Request with Authentication

info:
  name: Authenticated Request
  type: http
  seq: 7

http:
  method: GET
  url: https://api.example.com/protected
  auth:
    type: basic
    username: admin
    password: secret

settings:
  encodeUrl: true
  timeout: 0
  followRedirects: true
  maxRedirects: 5

Request with Pre-Request Script

info:
  name: Request with Script
  type: http
  seq: 8

http:
  method: POST
  url: https://api.example.com/data

runtime:
  scripts:
    - type: before-request
      code: |-
        // Set dynamic timestamp
        const timestamp = Date.now();
        bru.setVar("timestamp", timestamp);

settings:
  encodeUrl: true

Request with Post-Response Script

info:
  name: Login
  type: http
  seq: 9

http:
  method: POST
  url: https://api.example.com/login
  body:
    type: json
    data: |-
      {
        "username": "johnnash",
        "password": "governingdynamics"
      }

runtime:
  scripts:
    - type: after-response
      code: |-
        // Save token for subsequent requests
        bru.setVar("token", res.body.token);

settings:
  encodeUrl: true

Request with Tests

info:
  name: Login with Tests
  type: http
  seq: 10

http:
  method: POST
  url: https://api.example.com/login
  body:
    type: json
    data: |-
      {
        "username": "johnnash",
        "password": "governingdynamics"
      }

runtime:
  scripts:
    - type: tests
      code: |-
        test("should be able to login", function() {
          expect(res.status).to.equal(201);
        });

        test("should receive the token", function() {
          expect(res.body.token).to.be.a('string');
        });

settings:
  encodeUrl: true

Request with Assertions

info:
  name: Request with Assertions
  type: http
  seq: 11

http:
  method: POST
  url: https://api.example.com/users

runtime:
  assertions:
    - expression: res.status
      operator: eq
      value: "201"
    - expression: res.body.name
      operator: isString

settings:
  encodeUrl: true