Runs a few tests using an auth token in the request header instead of the usual session object