![]() ![]() In the new environment, we will create the following variables (with the right values for each environment): This way, whether we have different environments (DEV, QA, UAT, PROD, …), we could reuse the same requests and authentication as each environment will be using its own credentials. ![]() Postman Configurationįirst of all, we should create an Environment, where credentials and the service host url will be stored. This token will be later used in any other API request, using the HTTPS header “Authorization: Bearer ”. ![]() In this case, instead of using the usual user/password, it will be the application who will authenticate on behalf of the user, using a client_id and client_secret, with which we will make a first request to obtain an access token. The use case I'm going to show is an API secured with Bearer token, using the Client Credentials authentication flow. In this post, I'm showing how to automate the authorization process with Postman and Client Credentials authentication flow. All these services are normally protected by some kind of authentication method, which credentials needs to be added to Postman, and this can be a bit annoying to be done manually every single time. In both cases, developers usually make use of tools like Postman to test all these API requests and validate them. Usual part of web development projects is using external services to extend our applications functionality, or build our own microservices based applications providing an API to other applications to consume. I'm starting with this post to write also my publications in English, although I'm not a native English speaker, but will do my best :) You can find the Spanish version here. (cc) OAuth logo By Chris Messina, CC BY-SA 3.0 ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |