Wizard E2E Smoke Test - Authentication Guide
Required Headers for Wizard API Calls
Based on frontend implementation (dashboard/src/lib/intakeClient.ts and dashboard/src/lib/apiClient.ts):
1. Authorization Header (REQUIRED)
- Source: JWT token stored in
localStorageunder key'payroll_auth_data' - Retrieval: Frontend calls
auth.getToken()fromdashboard/src/lib/auth.ts - Required for: All wizard endpoints (
/api/v1/intake/*,/api/v1/ingestion-wizard/*)
2. X-Org-Id Header (CONDITIONAL)
- If JWT has
org_id(org-scoped user): Do NOT sendX-Org-Idheader. Backend uses JWTorg_id. - If JWT
org_idisnull(platform admin): MUST sendX-Org-Idheader with selected org ID.- Source:
localStorage.getItem('agent_mapping_selected_org_id')or provided by caller - Frontend logic:
dashboard/src/lib/orgHeader.ts→getOrgHeader()
- Source:
- Intake endpoints persist batches with
org_id=None(tenant-wide scope) - However, middleware may still require
X-Org-Idheader for platform admins - If you’re a platform admin, include the header even though the batch will have
org_id=None
Production Smoke Test Script
Seescripts/smoke_test_wizard.ps1 for a complete PowerShell script that:
- Accepts
TOKEN(and optionalORG_ID) as environment variables - Tests all wizard endpoints: Upload → Map → Discover → Preflight → Process
- Prints status codes and key response fields
CI-Safe E2E Test
Seeapi/tests/test_wizard_e2e_ci.py for a pytest-based E2E test that:
- Uses
TestClientwithdependency_overridesto bypass JWT auth - Mocks storage upload + BigQuery client calls
- Validates route orchestration without requiring real credentials
- Tests error cases (zero rows, missing canonical rows)