Getting started with JWT tokens in Postman

Importing Client collection in Postman.

To import the Client collection in Postman, follow these steps:

  • Open the Postman app.
  • Click the Import button in the top left corner of the Postman app.
  • Select the Import File option.
  • Select the collection file you wish to import. Postman collection files have a .json file extension.
  • Click the Open button to import the collection.
  • The collection will be imported and added to your Postman account. You can access the collection by clicking the Collections tab in the top left corner of the Postman app.

Collection imported

The Client collection should include four requests: GetAuthToken, GetAccessToken, GetIdToken, and ValidateToken. Please verify that these requests are present in the collection.

Setting username and password in GetAuthToken Request

Edit the GetAuthToken request to set the proper credentials by following these steps:

  • Click on the Collections tab in the top left corner of the Postman app.
  • Scroll through the list of collections until you find the Client collection.
  • Click on the Client collection to open it.
  • Click on the GetAuthToken tab.
  • Click on the Body tab and enter your username and password in the corresponding fields.
{
  "username": "OpeniamUsername",
  "password": "OpeniamPassword"
}

Setting credentials

Set the collection variables

Set the variables in the Client collection by following these steps:

  • Click the Collections tab in the top left corner of the Postman app.
  • Scroll through the list of collections until you find the Client collection.
  • Click the Client collection to open it.
  • Click the Variables tab.
  • Set the following variables by clicking the Add button and entering each variable with its corresponding values, as listed in the following table:

| Variable | Initial Value | Current Value |
| client_id | Client id obtained from authentication provider | Client id obtained from authentication provider |
| client_secret | Client secret obtained from authentication provider | Client secret obtained from authentication provider |
| grant_type | client_credentials | client_credentials |
| response_type | id_token%20code | id_token%20code |
| redirect_url | Redirect URL is provided by authentication provider | Redirect URL is provided by authentication provider |

  • Click the Save button to save the variables.

Note: Variable names must be the same as given in this document. These variables are global to the AipoClient collection and are used in multiple places, so any change to a name might lead to a failure to get the JWT token.

Collection variables

Disable Automatically follow redirects in Postman

To disable automatic redirects in Postman, follow these steps:

  • Open the settings by going to the File menu.
  • In the dialog box, find the setting labeled Automatically follow redirects and disable it.

Note: The Automatically follow redirects setting must be disabled in order for Postman to access the redirect location. If this setting is enabled, Postman will automatically follow the redirect and will not be able to access the location specified in the redirect.

Redirect setting disabled

Run the Client Collection.

To run a collection in Postman, follow these steps:

  • Click the Collections tab on the left side of the screen.
  • Click on the Client collection.
  • The collection will open and display a list of requests. Make sure all requests are selected.
  • Click the Run Client button.

Running the collection

Before running the AClient collection, make sure to enable the option to save responses in the Additional settings. This will allow Postman to save the responses from the server for each request in the collection. To do this, follow these steps:

  • Open the Client collection.
  • Click the Additional settings button in the top right corner of the screen.
  • In the Additional settings dialog box, find the option labeled Save response and enable it.
  • Click Save to apply the changes and close the dialog box.
  • The Client collection is now set up to save responses. You can run the collection as usual by clicking on each request and then clicking the Send button.

Note: Enabling this option allows the user to check the response for each request. Otherwise, Postman will not log any response.

Enabling save responses option

View the response in console

To open the console in Postman, follow these steps:

  • Open the Postman app.
  • Click the View menu at the top of the screen.
  • Select Show Postman Console from the dropdown menu.

Alternatively, users can click the console button at the bottom.

Note: It is important to open the Postman console, as the id_token value and decoded JWT token values will be displayed there. The console button location is shown below.

Console button

After running the collection, you can check the decoded JWT token in the Postman console, as shown below.

Token value
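
The values shown in the console come from the redirect location and the id_token it carries. As an added example (not part of the Client collection or the product's own code), the Node.js script below extracts id_token and code from a redirect Location value, decodes the JWT header and claims, and checks aud and exp against the client_id. The function names, redirect URL, token and client id are constructed for illustration, and decoding alone does not verify the token's signature.

```javascript
// Added example: all names and sample values are constructed, not taken from the Client collection.

// Decode one base64url JWT segment into an object. No signature check happens here.
function decodeSegment(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Pull id_token and code out of a redirect Location value.
// Parameters may arrive in the fragment (#...) or the query (?...), so both are read.
function parseRedirectLocation(location) {
  const url = new URL(location);
  const params = new URLSearchParams(url.hash.replace(/^#/, ''));
  for (const [k, v] of url.searchParams) if (!params.has(k)) params.set(k, v);
  if (params.has('error')) throw new Error(`authorization error: ${params.get('error')}`);
  const idToken = params.get('id_token');
  if (!idToken) throw new Error('no id_token in redirect location');
  const parts = idToken.split('.');
  if (parts.length !== 3) throw new Error('id_token is not a three-part JWT');
  return {
    code: params.get('code'),
    header: decodeSegment(parts[0]),
    claims: decodeSegment(parts[1]),
  };
}

// Checks possible on decoded claims alone; they do not replace signature validation.
function claimProblems(claims, clientId, nowSeconds) {
  const problems = [];
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(clientId)) problems.push('aud does not match client_id');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) {
    problems.push('token expired or exp missing');
  }
  return problems;
}

// Constructed sample token and redirect location (the signature part is a dummy value).
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const SAMPLE_TOKEN = [
  b64url({ alg: 'RS256', typ: 'JWT' }),
  b64url({ sub: 'user-1', aud: 'example-client', exp: 2000000000 }),
  'c2lnbmF0dXJl',
].join('.');
const SAMPLE_LOCATION = `https://client.example/callback#code=abc123&id_token=${SAMPLE_TOKEN}`;

const result = parseRedirectLocation(SAMPLE_LOCATION);
console.log(result.code, result.header, result.claims);
console.log(claimProblems(result.claims, 'example-client', 1700000000));
```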