Postman scripts for Login Using the Authorization Code Flow with PKCE

raok1997 · August 27, 2021, 8:44pm

Hi Gurus, I am new to Auth0 .

I trying to get access token for my app from Postman. I followed Add Login Using the Authorization Code Flow with PKCE and was able to get the access_token from browser. This token is in line with our expectations.

I am trying to automate this with Postman using the steps mentioned in OAuth 2.0: Implicit Flow is Dead, Try PKCE Instead | Postman Blog . The access token from postman is differen and jwt says invalid signature, but the id_token is same. Could you shed some light what i might be doing wrong. Attached the postman script images to Get New Access Token.

Token screenshot

Appreciate your support!!

raok1997 · August 31, 2021, 7:40pm

Hi Gurus, I tried the postman collection Collection Web View | Postman with postman v8.11.x and v7.36.5 but still no luck. Could any one help with this?

raok1997 · August 31, 2021, 8:04pm

Also, tried the GitHub - auth0/postman-collections: Postman collections for Auth0 public APIs with Postman v7.36.5, but still no luck. Did anyone successfully use the Authorization Code (PKCE) request (from Get Access Token of Auth0 Authentication API) ?

john.gateley · September 1, 2021, 2:35pm

Hi @raok1997

Your access token is opaque, not a JWT. This happens when you don’t specify an audience.

If you specify an audience (I am not sure how to do that in Postman) you will get a JWT access token back.

John