Perfect! And now we can move on to making requests. (Image: the download button for Postman on MacBook.) Once you’ve done that, you’ll be redirected to a page for downloading the software. Postman is available for use with Linux, Windows, and OS X. It’s time to take the plunge and download Postman. It has a sleek user interface that lets you make requests easily. You can use it no matter what language you’re programming in. This setup can also be tweaked to be used with other identity providers that utilize the authorization code flow, such as Auth0, AWS Cognito, etc. Because there are lots of pros to this particular interface: Since we can programmatically get our access token, this collection can also be useful in creating full regression tests to ensure that all endpoints (including the protected ones) are working as expected. Using Postman collection runners to get our Okta access token makes API testing and backend development much more streamlined. For example, instead of typing “ we can just use as the value for Token and presto… we can now make API requests as if we were logged in as a user! We can access these environment variables by adding two curly braces around our environment variable name. We will tidy things up by using Postman variables. The sessionToken, authorizationCode, and accessToken can be left blank, as we will programmatically fill in these values from our requests. The authServer is set as default unless you have created a custom auth server. You can find more details on Okta’s implementation here. The code challenge and code verifier values are used in the Proof Key for Code Exchange (PKCE) flow. The codeChallenge and codeVerifier values can be generated here. In our case, we won’t be redirecting anywhere, but the redirectUri is required as a parameter of the request.
If your application doesn’t already have a redirect URI, you can set it up with a As part of the authorization code flow, users are redirected back to your client application via the redirectUri after logging in with Okta. These redirect URI value(s) can be found under the Login redirect URIs field in your Okta Applications settings (screenshot below). The redirectUri must match one of the URIs that you have approved for your Okta application. The oktaUrl (Okta domain) and oktaClientId (Client ID) can be found within the general settings of your Okta app. The email and password are the user credentials. Set up our environment variables based on Okta’s authorization code flow docs. The collection will allow us to use runners to run all our requests at once. We’ll name this collection “Okta Login,” but this can be named anything you like. The following requests are based on the Okta platform and Okta’s authorization code flow with PKCE documentation.

Collection and Environment Variables Setup

Create a collection under Collections > + > Create New Collection. But through painstaking trial and error, I’ve put together a solution to automate the Postman login process with the click of a button! In this blog, I will go over step-by-step how you can create the same automated Postman login setup. There are some imperfect workarounds that require us to manually enter our credentials each time we need to retrieve an access token. One of the big hurdles, however, is testing API endpoints that are protected. Postman is a great tool for testing our APIs and streamlining backend development.