Postman Authorization Use Cases

In this article, you will learn how to use the postman to start dealing with Envase Connect Core API.

To be able to use postman to issue requests to any API that is being authorized by AWS Cognito authorizer we need to send an Authorization header with a value of a valid access_token.

Generating id token through Postman

  1. From Postman create new dummy API and set authorization to be oauth2, and set the Header Prefix to Bearer.

../../_images/auth_type.png

  1. Fill the info in the rest of the page as the following table.

../../_images/authorization_api_1.png

DEV Environment Configurations

Field

Value

Grant Type

Authorization Code

Callback URL

http://localhost

Auth URL

https://envase-dev.auth.us-east-1.amazoncognito.com/oauth2/authorize

Access Token URL

https://envase-dev.auth.us-east-1.amazoncognito.com/oauth2/token

Client ID

issued-client-id

Client Secret

issued-client-secret

Scope

State

test

STG Environment Configurations

Field

Value

Grant Type

Authorization Code

Callback URL

http://localhost

Auth URL

https://envase-stg.auth.us-east-1.amazoncognito.com/oauth2/authorize

Access Token URL

https://envase-stg.auth.us-east-1.amazoncognito.com/oauth2/token

Client ID

issued-client-id

Client Secret

issued-client-secret

Scope

State

test

PRD Environment Configurations

Field

Value

Grant Type

Authorization Code

Callback URL

http://localhost

Auth URL

https://envase.auth.us-east-1.amazoncognito.com/oauth2/authorize

Access Token URL

https://envase.auth.us-east-1.amazoncognito.com/oauth2/token

Client ID

issued-client-id

Client Secret

issued-client-secret

Scope

State

test
../../_images/authorization_api_2.png

  1. Click on Get New access token button will open a new sign in window for username and password. You should use the user name and password provided for your user account.

../../_images/postman_signin.png

  1. After signing in you will get the token details, copy the access_token to be used in authorization header of any other postman calls that will need AWS Cognito access_token.

../../_images/id_token.png

  1. In your actual API call add a new header called ‘Authorization’ with the value of the access_token that you have copied from the previous step and don’t forget to add the X-Api-Key also if needed.

Environment

Base URL

API KEY

DEV

https://core-dev.envaseconnect.cloud

issued-api-key

STG

https://core-stg.envaseconnect.cloud

issued-api-key

PRD

https://core.envaseconnect.cloud

issued-api-key
../../_images/authorization_header.png