Getting User Auth Token in Postman

Hello all,

Very new to OAuth2.0 and Auth0, working on standing up a new RestAPI protected by Auth0. We also have a UI which uses the Auth0 Universal Login for our users to sign in on.

Currently, I would like to test my API in postman so that I do not need to spin up our web app just to get the bearer token. To do this, I have been trying to follow many guides on using Postman’s OAuth 2.0 authorization. It feels like I am very close to my goal of being able to log in as one of our test users to get a token then proceed with postman but something just isnt clicking…

I have the following:
grant type: Authorization Code
auth url: https://{my-app}.auth0.com/authorize
Access Token URL: https://{my-app}.auth0.com/oauth/token

client id: the id of {my-app} above
client secret: The secret of my app
Scope and state are blank
Client Auth: Send as basic auth header
Audience: my Auth0 API Identifier

I have set the call backs and everything correctly. So whats happening is, I click “Get New Access Token” with the information above, my browser opens up and says " Your call is authenticated" which then calls back to postman. Then I get the error “Authentication failed.”

In the console, I see a post request being made to my access token url listed above which gets a 301 redirect to a get request to the same url which then gives a 404 not found.

I have tried making sure my client ids are correct, trying different callback types, using the API debugging tool. No luck. Thank you for any insight!

Hi @scott.glascott,

I have a couple of suggestions that will make this easier.

If you want tokens quickly and easily for testing, you should try out the authentication API debugger extension. It will allow you to easily obtain tokens directly in Auth0 UI.

If you want to use postman to get tokens for testing, you can temporarily turn on the password grant to exchange an email/password directly for tokens. Make sure you turn this off when you are done testing.

If you want to test out your current flows with postman, I’m also happy to work through it, it just tends to be more complex.