Postman scripts for Login Using the Authorization Code Flow with PKCE

Hi Gurus, I am new to Auth0 .

I trying to get access token for my app from Postman. I followed Add Login Using the Authorization Code Flow with PKCE and was able to get the access_token from browser. This token is in line with our expectations.

I am trying to automate this with Postman using the steps mentioned in OAuth 2.0: Implicit Flow is Dead, Try PKCE Instead | Postman Blog . The access token from postman is differen and jwt says invalid signature, but the id_token is same. Could you shed some light what i might be doing wrong. Attached the postman script images to Get New Access Token.

ConfigurationOptions2204×1356 237 KB

AdvancedOptions2212×1072 183 KB

Token screenshot

Token1288×718 111 KB

Appreciate your support!!

Hi Gurus, I tried the postman collection Collection Web View | Postman with postman v8.11.x and v7.36.5 but still no luck. Could any one help with this?

Also, tried the GitHub - auth0/postman-collections: Postman collections for Auth0 public APIs with Postman v7.36.5, but still no luck. Did anyone successfully use the Authorization Code (PKCE) request (from Get Access Token of Auth0 Authentication API) ?

Hi @raok1997

Your access token is opaque, not a JWT. This happens when you don’t specify an audience.

If you specify an audience (I am not sure how to do that in Postman) you will get a JWT access token back.

John

I was able to get this working in Postman using Authorization Code with PKCE. The key is to pass the “audience” in the Auth Request section and change the “Client Authentication” value to “Send client credentials in body”.

Thank you for providing the solution with the community @prashanth!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.