-1

I'm not too familiar with API requests and I'm having a hard time trying to set up the below authentication. I have tried Postman and Insomnia but I don't know how to fill out the information requested by the software with the information I have below.

One thing that also confuses me is that the URL says "oauth2" but the Authorization says "basic".

Sample authentication request:

POST https://******/issue/oauth2/token HTTP/1.1
Authorization: Basic [base64 encoded]
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
grant_type=password&username=***&password=***&scope=https://api.******.com/

My issue is that I don't know how to set up it neither Insomnia nor Postman. I don't see fields for all that information I have.

Parameters that I have:

Authorization Basic: base64["API Key":"API Secret"]
Username: *****
Password: *****

Expected to receive:

Sample Authentication response: 

    HTTP/1.1 200 OK
    
    {"access_token":"xxxxxxxxxxx","token_type":"urn:ietf:params:oauth:token-type:jwt","expires_in":35999,"refresh_token":"xxxxxxxxxxxxxx"}

Thanks

Flib
  • 165
  • 3
  • 14
  • You shared what you expect to receive, but what did you actually receive? – Evert May 25 '21 at 02:05
  • Hi, thank you. But my issue is that I don't know how to set up it neither Insomnia nor Postman. I don't see fields for all that information I have. – Flib May 25 '21 at 11:56
  • If you can't use a HTTP client and figure out what you are receiving from the server, then your attention should go to learning that first. There's no way people would be able to help you if you can't fully describe what is going wrong. – Evert May 25 '21 at 16:26

2 Answers2

3

I'm not familiar with the Insomnia application but this should work for Postman. This solution will authenticate for the collection and enable any underlying requests to use the same authentication. If you'd like a standalone request that handles the authentication then let me know.

Firstly, when creating your collection/folder select the Authorization tab and change the type to OAuth 2.0. collection_oauth

Next, select Get New Access Token. This will open a 'token' UI. Based on the info you've supplied you should be able to set up as per the example below. collection_token

Then just follow the prompts, i.e. select Request Token on this UI, then Update on the collection UI.

To use the OAuth token generated for data requests, select the Authorization tab on each request and set Type to Inherit auth from parent.

Note: the {{...}} text assumes that you're using environment variables but can be replaced with static text.

mitch-NZ
  • 320
  • 2
  • 13
-1

the endpoint you have is an authorization endpoint that provides you with an access token. And you have to use that access token to access content from different endpoints

so you authenticate using user name and password, this shows who you are

and the access token is to show what access you have , it is used for authorization

https://oauth.net/articles/authentication/

PDHide
  • 18,113
  • 2
  • 31
  • 46
  • Hi, thank you. But my issue is that I don't know how to set up it neither Insomnia nor Postman. I don't see fields for all that information I have. – Flib May 25 '21 at 11:55
  • @just add the role as bearer token by going to the authorization tab – PDHide May 25 '21 at 16:25