Cats

All Tests / Test 6687

Test Id

Test 6687

Test Trace Id

9e70b181-10d5-4f9b-a461-9929aa1cf26f

Timestamp

Tue, 23 Jun 2026 21:41:00 GMT

Scenario

Send a 'happy' flow request with all fields and all headers

Expected Result

Should return 2XX

Result

error

Result Details

The following keywords were detected in the response which might suggest an error details leak: [unauthorized]

Contract Path

/api/auth/mfa

Fuzzer

HappyPath

Full Request Path

https://qa-api.puk3p.online/api/auth/mfa

Http Method

post

Request Details

Payload

{
  "mfaToken": "GWIURWTKTJKCQMHVCVHWOEYSFT",
  "code": "191727"
}

Request Details

Headers

[
  {
    "key": "Accept",
    "value": "application/json"
  },
  {
    "key": "Content-Type",
    "value": "application/json"
  },
  {
    "key": "User-Agent",
    "value": "cats/13.8.1-SNAPSHOT (Test 6687 - HappyPath)"
  },
  {
    "key": "X-Cats-Trace-Id",
    "value": "9e70b181-10d5-4f9b-a461-9929aa1cf26f"
  }
]

Request Details

cURL

curl  -X POST \
     -H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "User-Agent: cats/13.8.1-SNAPSHOT (Test 6687 - HappyPath)" \
-H "X-Cats-Trace-Id: 9e70b181-10d5-4f9b-a461-9929aa1cf26f" \
 \
      -d '{"mfaToken":"GWIURWTKTJKCQMHVCVHWOEYSFT","code":"191727"}' \
      https://qa-api.puk3p.online/api/auth/mfa

Response

{
  "responseCode": 401,
  "httpMethod": "POST",
  "responseTimeInMs": "130",
  "numberOfWordsInResponse": "8",
  "numberOfLinesInResponse": "1",
  "contentLengthInBytes": "193",
  "jsonBody": {
    "timestamp": "2026-06-23T21:41:00.241897926Z",
    "status": 401,
    "error": "Unauthorized",
    "message": "Your verification session expired — sign in again",
    "path": "/api/auth/mfa",
    "validationErrors": null
  },
  "headers": [
    {
      "key": "cache-control",
      "value": "no-cache, no-store, max-age=0, must-revalidate"
    },
    {
      "key": "content-type",
      "value": "application/json"
    },
    {
      "key": "date",
      "value": "Tue, 23 Jun 2026 21:41:00 GMT"
    },
    {
      "key": "expires",
      "value": "0"
    },
    {
      "key": "pragma",
      "value": "no-cache"
    },
    {
      "key": "server",
      "value": "nginx/1.24.0 (Ubuntu)"
    },
    {
      "key": "strict-transport-security",
      "value": "max-age=31536000 ; includeSubDomains"
    },
    {
      "key": "vary",
      "value": "Origin"
    },
    {
      "key": "x-content-type-options",
      "value": "nosniff"
    },
    {
      "key": "x-frame-options",
      "value": "DENY"
    },
    {
      "key": "x-xss-protection",
      "value": "0"
    }
  ],
  "responseContentType": "application/json"
}

CATS Replay

cats replay Test6687