When you need to access WEBAPI using postman, you need to use three steps
1. Create an Azure AD app
2. Generate tokens
3.Postman calls Webapi based on the generated token
--------------------------------------------------------------------------------------------------------------- ----------------------------------------------------
First, create an azure ad app
Go to the Azure console page and select "Azure Active Directory"
Select "App Registration"
Select New App "Program registration"
In the Created window, enter the application's "name" and "Login url", the address is pre-entered, using 3006 port, this 3006 port will be used after
The basic properties of the created application
An app was created, but the app doesn't have any permissions and needs to be added to the Access background API
After selecting the "Required Permissions", click "Add", the "Select API" appears, enter the background of the API keyword, and click on the "Select" button below
What we've chosen here is "Designer Workbench (DEV)-Backend"
After selecting the API, you need to select the permissions, when the list of permissions appears, check the permissions, OK
In addition to the "Required permissions", what I'm demonstrating here is that by creating a key and then not needing to log in, you can get the token directly
Click "Key", enter "description", and select "expire" to "Never expire", click "Save"
After saving, the generated key will be copied to the computer and saved, you need to use it later
g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy=
Ii. Generation of Tokens
Create a new Folder "Token-test" in your computer
Run command "NPM install-g Express" in folder, Global Install Express
Use "express Token-test" to generate a Nodejs project that, when completed, will be regenerated under an empty folder into a Token-test folder.
Go to token-test and install all dependent packages using the command "NPM install"
and install the Adal dependency package using the command "NPM install--save Adal-node"
and open the project with Visual Studio Code
Modify the port number in the "/bin/www" file to the 3006 port of the previous project
Before you modify the code, you need to query the URI address of the background API
After querying the URI of the background API, copy the pending
Modify the "Routes/index.js" code to
Here to parse the meaning of each parameter
Tenant: ' esquel.onmicrosoft.com ': means the domain name that is connected to the Azure service
Authorityhosturl: ' Https://login.windows.net ',: This landing address is fixed.
ClientId: ' 7e3fbc01-eda8-41de-bd80-a5a208fa12a2 ',: is the app ID of the newly added Azuread app
Clientsecret: ' g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy= ': The key for the newly added Azuread app
var resource = ' https://esquel.onmicrosoft.com/705cadd7-d8b2-44f7-9c28-3841c112f04b ';: URI for background API app
Also modify the "Views/index.jade" code to
Run the command "NPM start" to run the project and open the browser, enter the address "http://localhost:3006"
Third, postman call Webapi
If Chrome is not installed postman, install postman first
Https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?utm_source=chrome-ntp-icon
After installing postman
When no token is normally used, it is inaccessible
If the header's authorization is set to "Bearer" + Space +token, you can access the API
Use Postman to access OAuth2 protected WEBAPI