Hi Suraj,
Not sure this will help, as it may not apply to your case. When I tested OAuth (confidential access code flow) with Postman in APIC v5 I found that, to get the access token, I had to extract it from the redirect url with this test script:
---- begin test script ----
tests["Status code is 302"] = responseCode.code === 302;
postman.clearEnvironmentVariable("access_token");
// location header contains the token in a url fragment
//
https://host/org/cat/redirect-uri#access_token=AAIkZTQ0ZDRlZT...&expires_in=...&token_type=bearervar tmp1 = postman.getResponseHeader("Location").split('#');
// tmp1[0]:
https://host/org/cat/redirect-uri// tmp1[1]: access_token=AAIkZTQ0ZDRlZT...&expires_in=...&token_type=bearer
var tmp2 = tmp1[1].split('&');
// tmp2[0]: access_token=AAIkZTQ0ZDRlZT...
// tmp2[1]: expires_in=...&token_type=bearer
var tmp3 = tmp2[0].split('=');
// tmp3[0]: access_token
// tmp3[1]: AAIkZTQ0ZDRlZT... <== got it!
var tok = tmp3[1];
postman.setEnvironmentVariable("access_token", tok);
---- end test script ----
Hope it helps. Sorry I cannot provide more details; I did this 3 years ago and haven't worked with APIC since.
Regards,
------------------------------
Emir Garza
------------------------------
Original Message:
Sent: Wed October 27, 2021 08:56 AM
From: Suraj Sakpal
Subject: Test OAuth API using Postman
Hi,
We import sample FindBranch API on API Manger (Cloud Pak Trial Version) and configure OAuth+OIDC security for this API.
We tested this api using api manager and curl command with success(With authorization code and token). We are not able perform this test using postman.
Can you please guide us how to test OAuth using postman.
For configuring oauth & oidc we follow following link:
Tutorial: Implementing OAuth Security
Tutorial: Implementing OIDC Security
Thanks
------------------------------
Suraj Sakpal
------------------------------