Generate secure API from your browser

Neeraj Dana
4 min readOct 8, 2019

Generate A Secured node API with authentication and authorization directly from your browser at the same time fully customizable.

For Better, Explanation Please watch the video below

Let’s get started,

1) First visit to

2) Login with your credential if you have not registered then you can register here.

3) After login download the starter kit and open it with vs code and run

4) Get back to the website and create entities, and create a modal containing the password field so that we can use that entity as our authorization service.

So let’s say we have created a table user containing fields name, email, password

Now click on create resources and don’t click the download button just get back to a modal where you can see your all modals.

Now you can see one change that, there is a lock icon why it's showing

so the lock icon is used to tell that whether there is a password field or not in the modal and it also indicates that this modal can be used for another table to create a secure resource that means let’s we have another table employee

and we don’t want it to be open like no one show post or get in this table without login so for that first he/she will register themselves using the user entity and after that when they log in, a token will be generated and when we pass that token in header and do post request to employee table will accept but if we don’t add token it will give an error Unauthorized.

5) Now click on the lock icon and select what you want to pass and what you want to get from the payload.

6) Generating the user resource copy the content of zip file in vs code accordingly, now open the user.instruction.txt and do the following changes.

7) In the employee table, click on the info icon you will see a checkbox saying create secure resource just check it and choose the table from which you want to authenticate.

8) Click on generate API resources, download and extract the zip and copy the content accordingly into vs code, now open the employee.instruction.txt and do the following changes.

9) Now, let’s check the API working run the

command in vs code terminal and your API will run on localhost copy the localhost URL and paste it in postman.

10) Let’s first register a user using post request in


and in body > raw select JSON format

{ "name":"username", "email":"", "password":"password" }

and post it, Your Output should be this,

Now in URL add /login

and remove name field from the body and send request

then it will generate a token

Now, open a new tab and copy the API URL and add /employee and choose post method and click on send button there you will get an error for that you need to do change in


const ENV_SECRET_STRING = "The_String_Present_In_Your_userController";

Copy the string from userController.js

const ENV_SECRET_STRING = "Put_A_Secure_string_here_for_token_generation";

Now again post it you will see unauthorize

that means the user is login but the token is not passed in the header.

so for that just copy the token from user API and add it to the header of employee API and post it you will see the empty object.

That’s it we have successfully generated secure API.

if you like it do support us on product hunt by upvoting here

Originally published at on October 8, 2019.



Neeraj Dana

Top Writer in Javascript React Angular Node js NLP Typescript Machine Learning Data science Maths