Skip to content

Instantly share code, notes, and snippets.

@bskim45

bskim45/README.md

Last active January 14, 2026 15:24
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bskim45/49e8378ab2910d85ca53c6c7e2a40bdb to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bskim45/49e8378ab2910d85ca53c6c7e2a40bdb to your computer and use it in GitHub Desktop.
Download ZIP
Naver Cloud Platform API Pre-request Script for Postman
Raw
README.md

Naver Cloud Platform API Authentication Script for Postman

A Postman Pre-request script for authenticating with Naver Cloud Platform APIs using signature-based authentication (v2).

Features

  • HMAC-SHA256 signature generation
  • Handles non-ASCII characters (Korean, etc.) in query parameters
  • Compatible with Postman's URL encoding behavior

Setup

  1. Add to your Postman Collection's Pre-request Scripts
  2. Set environment variables:
    • NCP_ACCESS_KEY: Your NCP Access Key
    • NCP_SECRET_KEY: Your NCP Secret Key
    • NCP_AUTH_DEBUG: Set to 'true' for debug logging (optional)

Reference

Based on https://api.ncloud-docs.com/docs/common-ncpapi

Raw
pre-request.js
// Naver Cloud Platform API Pre-request Script
// https://api.ncloud-docs.com/docs/common-ncpapi
const accessKey = pm.environment.get('NCP_ACCESS_KEY');
const secretKey = pm.environment.get('NCP_SECRET_KEY');
if (!accessKey || !secretKey) {
throw new Error('Missing NCP_ACCESS_KEY or NCP_SECRET_KEY in environment');
}
// timestamp in milliseconds
const timestamp = Date.now().toString();
const method = pm.request.method;
// const url = pm.request.url.getPathWithQuery();
let url = pm.request.url.getPath();
// encode query params - only encode non-ASCII characters
const queryParams = pm.request.url.query.all();
if (queryParams.length > 0) {
const encodedParams = queryParams
.filter(param => !param.disabled)
.map(param => {
// Function to encode only non-ASCII characters
const encodeNonAscii = (str) => {
return str.replace(/[^\x00-\x7F]/g, (char) =>
encodeURIComponent(char)
);
};
const key = encodeNonAscii(param.key);
const value = param.value ? encodeNonAscii(param.value) : '';
return key + '=' + value;
})
.join('&');
if (encodedParams) {
url = url + '?' + encodedParams;
}
}
const space = ' ';
const newLine = '\n';
const message = `${method} ${url}\n${timestamp}\n${accessKey}`;
const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, secretKey);
hmac.update(method);
hmac.update(space);
hmac.update(url);
hmac.update(newLine);
hmac.update(timestamp);
hmac.update(newLine);
hmac.update(accessKey);
const hash = hmac.finalize();
const signature = hash.toString(CryptoJS.enc.Base64);
pm.request.headers.upsert({
key: "x-ncp-apigw-timestamp",
value: timestamp
});
pm.request.headers.upsert({
key: "x-ncp-iam-access-key",
value: accessKey
});
pm.request.headers.upsert({
key: "x-ncp-apigw-signature-v2",
value: signature
});
if (pm.environment.get('NCP_AUTH_DEBUG') === 'true') {
console.log("=== Naver Cloud API Signature ===");
console.log("Method:", method);
console.log("URL (encoded):", url);
console.log("Timestamp:", timestamp);
console.log("Access Key:", accessKey);
console.log("Message for signing:");
console.log(message);
console.log("Signature:", signature);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment