Postman Authorization Use Cases

In this article, you will learn how to use the postman to start dealing with Envase Connect Core API.

To be able to use postman to issue requests to any API that is being authorized by Cognito authorizer we need to send an Authorization header with a value of a valid id_token.

Generating id token through Postman

  1. From Postman create new dummy api and set authorization to be oauth2, and set the Header Prefix to Bearer.

../_images/auth_type.png

  1. Fill the info in the rest of the page as the following table.

../_images/authorization_api_1.png

DEV Environment Configurations

Field

Value

Grant Type

Authorization Code

Callback URL

http://localhost

Auth URL

https://envase-dev.auth.us-east-1.amazoncognito.com/oauth2/authorize

Access Token URL

https://envase-dev.auth.us-east-1.amazoncognito.com/oauth2/token

Client ID

319islc07e6308m7g72j825pa7

Client Secret

r3vftbv8uu0e0agthagkegipihpejl7dl05gl3n14e7333pem76

Scope

openid

State

test

STG Environment Configurations

Field

Value

Grant Type

Authorization Code

Callback URL

http://localhost

Auth URL

https://envase-stg.auth.us-east-1.amazoncognito.com/oauth2/authorize

Access Token URL

https://envase-stg.auth.us-east-1.amazoncognito.com/oauth2/token

Client ID

5aftp6oe6f3bb8jf112j08f0cl

Client Secret

cpftj9cbh60cna7eog0e6lbefrjusmdmt0cmpp7e3h4qrkmkn4m

Scope

openid

State

test
../_images/authorization_api_2.png

3. Click on Get New access token button will open a new sign in window for username and password. You can use the following usernames and passwords

User

Email

Role

DEV/STG Password

System Admin

system.admin@envasegatewaytest.com

SYS_ADMIN

E56x%4AB

Customer 1 Admin

customer1_admin@envasegatewaytest.com

ORG_ADMIN

E56x%4AB

Customer 1 User

ptcustomer1@envasegatewaytest.com

ORG_USER

E56x%4AB

Customer 2 Admin

customer2_admin@envasegatewaytest.com

ORG_ADMIN

E56x%4AB

Customer 2 User

ptcustomer2@envasegatewaytest.com

ORG_USER

E56x%4AB

Unidentified User

unidentified.user@envasegatewaytest.com

Unidentified

E56x%4AB
../_images/postman_signin.png

4. After signing in you will get the token details, copy the id_token to be used in authorization header of any other postman calls that will need cognito id_token.

../_images/id_token.png

5. In your actual API call add a new header called ‘Authorization’ with the value of the id_token that you have copied in the previous step and don’t forget to add the x-api-key also if needed.

Environment

Base URL

API KEY

Dev

https://core-dev.envaseconnect.cloud

ni5r78bc561s5nf734wFx1AMIwYtvi9B6bVQh7pm

STG

https://core-stg.envaseconnect.cloud

ni5r78bc561s5nf734wFx1AMIwYtvi9B6bVQh7pm
../_images/authorization_header.png