# Use Postman with OAuth2 APIs

# Overview

The tutorial will help you configure Postman to reach your APIs secured with OAuth2 and Keycloak. In this tutorial, we will call an API from an application generated with the Entando JHipster blueprint.

Get the Postman application or create an account to use it on the web. The screenshots in this tutorial were made with the current web version.

Postman's collection folders make it easy to keep your API requests and elements organized. This helps us to gather different requests under the same folder but also to share the configuration and the Auth mode among them.

Click on the button when you are on the collection left menu. Name it as you want; we usually try to create a collection per application.

Postman allows us to define variables for a given collection, and we can use them at the collection level to configure the OAuth2 settings but also at the request level. Please note you can choose the variable names you want, according to what makes sense to you.

Variable | Default value in a Blueprint-based Entando App

The client id account used to authenticate the user

The base_url variable is added for convenience, but is not mandatory for authentication purposes

well-known endpoint to retrieve these values if you don't have them. For a local running app it should be

In the Postman application, you may need to save the Collection in order to make the variables available in the following steps.

In your collection view, click on the Authorization tab and set the type to OAuth 2.0 as-is:

You can define the Token Name with the value you want:

Enter the fields with the variables previously defined.

Please note that, depending on whether you are using Postman Web or the app, the Callback URL field contains different values. Basically, the Web solution needs to use a specific value while the app just needs to use a value already present in the Keycloak configuration (e.g. This is the reason why we need to update the Keycloak configuration with Postman Web.

# Update your Keycloak configuration (Postman Web only)

To generate a new token you need to ensure the Postman redirect URL is configured in the Keycloak admin panel. This URL is used to redirect to the Postman app after authentication successfully completes. There (or a wildcard *) should be present in the Valid Redirect URIs list for your client.

Clicking on Get New Access Token will open the Keycloak login form, and then you can authenticate with the user to be used when testing the API. The user will need to already be assigned the appropriate roles.

After the authentication succeeds, you should be redirected to the Postman app. The token is then displayed in a window and you can confirm its use by clicking on the Use Token button.

The next step is to add a request to the collection, using the previous OAuth2 config as an authorization method.
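The Valid Redirect URIs check from the Keycloak configuration step, as an added example that is not part of the original tutorial: it audits a client's redirect list to confirm the Postman callback is accepted and flags a bare wildcard, which accepts a redirect to any URL. The client JSON, the callback URL and the simplified trailing-`*` matching are constructed assumptions; `clientId` and `redirectUris` are the field names used in a Keycloak client export.

```python
import json

# Constructed sample: the two fields of a Keycloak client export used here.
# The client id and URLs are placeholders, not values from the tutorial.
SAMPLE_CLIENT_JSON = """
{"clientId": "example-client",
 "redirectUris": ["https://localhost/*", "*"]}
"""
# Placeholder for the value shown in Postman's Callback URL field.
POSTMAN_CALLBACK = "https://postman-callback.example/v1/callback"
# Entries that accept a redirect to any host.
TOO_BROAD = ("*", "http://*", "https://*")


def load_sample() -> dict:
    return json.loads(SAMPLE_CLIENT_JSON)


def uri_matches(pattern: str, uri: str) -> bool:
    """Simplified model (an assumption, not Keycloak's code): exact match,
    or prefix match when the pattern ends with '*'."""
    if pattern.endswith("*"):
        return uri.startswith(pattern[:-1])
    return pattern == uri


def audit_redirect_uris(client: dict, callback: str) -> dict:
    """Report whether `callback` is accepted and which entries are too broad."""
    patterns = client.get("redirectUris", [])
    matched_by = [p for p in patterns if uri_matches(p, callback)]
    return {
        "client_id": client.get("clientId"),
        "callback_allowed": bool(matched_by),
        "matched_by": matched_by,
        # With these entries a code or token can be redirected to any URL.
        "too_broad": [p for p in patterns if p in TOO_BROAD],
    }


def tighten(client: dict, callback: str) -> list:
    """Drop the broad wildcards and add the exact callback if still needed."""
    kept = [p for p in client.get("redirectUris", []) if p not in TOO_BROAD]
    if not any(uri_matches(p, callback) for p in kept):
        kept.append(callback)
    return kept


if __name__ == "__main__":
    print(audit_redirect_uris(load_sample(), POSTMAN_CALLBACK))
    print(tighten(load_sample(), POSTMAN_CALLBACK))
```

In the sample, the callback is accepted only because of the `*` entry, so the audit reports it both as the match and as too broad; `tighten` returns the list with the exact callback in its place.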