punkouter punkouter -4 years ago 184
Javascript Question

Can this javascript oauth call be represented in POSTMAN? (or c#)

I have a API I am trying to test out. They sent me this javascript so I tried to imitate it below. Now sure how to do it in postman

dataType: 'json',
type: 'POST',
data: {grant_type: 'client_credentials'},
url: '',
beforeSend: function( xhr ) {
var clientID = 'c39692d9-8998-497f-8ea2-7503be9fc8c1',
clientSecret = 'befb744f-37f5-491d-8d57-e8e5c1419f2e',
authKey = btoa(clientID + ':' + clientSecret);
xhr.setRequestHeader('Authorization', 'Basic ' + authKey);

enter image description here

Answer Source

This specific screen in Postman (The Oauth form) will not allow you to pass the "Authorization" header. The request in the code snippet represents a step in the oauth's client_credentials flow (see here), while the Postman form in the screenshot is the first one in (Authorization Code or Implict ones)(see here).

If you want to replicate exactly what is in the example, you will have to construct a POST request in Postman, adding manually the headers and the payload used in the example.

But also, besides that, you will still miss the encoded string generated by the btoa function in the javascript example. If your intention is to just test it manually, you can execute btoa(clientID + ':' + clientSecret) manually and paste the result in Postman headers configuration.

ps: I strongly recommend you to read about the different grant flows that Oauth supports.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download