Use Postman to access OAuth2 protected WEBAPI

Source: Internet
Author: User

When you need to access WEBAPI using postman, you need to use three steps

1. Create an Azure AD app

2. Generate tokens

3.Postman calls Webapi based on the generated token

--------------------------------------------------------------------------------------------------------------- ----------------------------------------------------

First, create an azure ad app

Go to the Azure console page and select "Azure Active Directory"

Select "App Registration"

Select New App "Program registration"

In the Created window, enter the application's "name" and "Login url", the address is pre-entered, using 3006 port, this 3006 port will be used after

The basic properties of the created application

An app was created, but the app doesn't have any permissions and needs to be added to the Access background API

After selecting the "Required Permissions", click "Add", the "Select API" appears, enter the background of the API keyword, and click on the "Select" button below

What we've chosen here is "Designer Workbench (DEV)-Backend"

After selecting the API, you need to select the permissions, when the list of permissions appears, check the permissions, OK

In addition to the "Required permissions", what I'm demonstrating here is that by creating a key and then not needing to log in, you can get the token directly

Click "Key", enter "description", and select "expire" to "Never expire", click "Save"

After saving, the generated key will be copied to the computer and saved, you need to use it later

g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy=

Ii. Generation of Tokens

Create a new Folder "Token-test" in your computer

Run command "NPM install-g Express" in folder, Global Install Express

Use "express Token-test" to generate a Nodejs project that, when completed, will be regenerated under an empty folder into a Token-test folder.

Go to token-test and install all dependent packages using the command "NPM install"

and install the Adal dependency package using the command "NPM install--save Adal-node"

and open the project with Visual Studio Code

Modify the port number in the "/bin/www" file to the 3006 port of the previous project

Before you modify the code, you need to query the URI address of the background API

After querying the URI of the background API, copy the pending

Modify the "Routes/index.js" code to

Here to parse the meaning of each parameter

Tenant: ' esquel.onmicrosoft.com ': means the domain name that is connected to the Azure service

Authorityhosturl: ' Https://login.windows.net ',: This landing address is fixed.

ClientId: ' 7e3fbc01-eda8-41de-bd80-a5a208fa12a2 ',: is the app ID of the newly added Azuread app

Clientsecret: ' g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy= ': The key for the newly added Azuread app

var resource = ' https://esquel.onmicrosoft.com/705cadd7-d8b2-44f7-9c28-3841c112f04b ';: URI for background API app

Also modify the "Views/index.jade" code to

Run the command "NPM start" to run the project and open the browser, enter the address "http://localhost:3006"

Third, postman call Webapi

If Chrome is not installed postman, install postman first

Https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?utm_source=chrome-ntp-icon

After installing postman

When no token is normally used, it is inaccessible

If the header's authorization is set to "Bearer" + Space +token, you can access the API

Use Postman to access OAuth2 protected WEBAPI

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.