Auth0 Home Blog Docs

Get New Access Token in Postman

postman

#1

Postman seems to support requesting an OAuth 2.0 token. Has anyone been able to get this working with Auth0? It would be great to see some step-by-step instructions in the documentation/blog (or explanation why it won’t work).

![alt text][1]


Update:

I’m trying to call my own API (not the Auth0 management API) using a bearer token. In Postman, I noticed the Get New Access Token button under the Authorization tab. It seems to promise to do what I would like, get an access token using the Auth0 lock screen and allow me to use it in the headers of other Postman requests. However, I have been unable to get it to work and I’m wondering if others have experienced the same problem or have had some success.

![alt text][2]


#2

What specific call are you trying to make? I don’t see any reason why Postman wouldn’t work.


#3

Thanks for the reply @prashant. Apologies, I have included more details.


#4

In order to get an access token to call your own API through Postman you would have to fill the information requested in that dialog and do a couple of additional steps in your Auth0 Dashboard.

For the dialog, the client identifier and client secret will be the ones associated with your client, the scopes would also depend on your requirements and the URL’s would be similar to:

  • Auth URL: https://[your_account].auth0.com/authorize
  • Access Token URL: https://[your_account].auth0.com/oauth/token

In addition you would then have to configure https://www.getpostman.com/oauth2/callback as a Allowed Callback URLs in your Auth0 client settings. Finally, given Postman does not allow to configure additional custom parameters and Auth0 requires that an audience parameter be specified in the request in order to know for which API the access token should be issued to, **you would have to configure a Default Audience in your account general settings. This way, if a request does not include an audienceparameter, which would be the case for a Postman initiated one, the default audience will be used which will result in access token that can be used to call your API.


#5

I was unable to get this to work. I’ve actually invested a fair bit of time trying to get this to work. I thought the default audience would do the trick, but it did not. I get through most of the process but after I authenticate, I keep getting an HTTP 404 error.

I created an issue with Postman for Mac on GitHub. Please refer to it for all of the details. https://github.com/postmanlabs/postman-app-support/issues/3524

Thanks.


#6

Worked fine for me.


#7

Worked fine for me.


#8

@jmangelo I’m not able to get this to work, I encounter an “Invalid authorization code” error. This is the response body {“error”:“invalid_grant”,“error_description”:“Invalid authorization code”} Any suggestions?


#9

@jmangelo I’m not able to get this to work, I encounter an “Invalid authorization code” error. This is the response body {“error”:“invalid_grant”,“error_description”:“Invalid authorization code”} Any suggestions?


#10

@jmangelo I’m not able to get this to work, I encounter an “Invalid authorization code” error. This is the response body {“error”:“invalid_grant”,“error_description”:“Invalid authorization code”} Any suggestions?


#11