Use Postman to access OAuth2 protected WEBAPI

When you need to access WEBAPI using postman, you need to use three steps

1. Create an Azure AD app

2. Generate tokens

3.Postman calls Webapi based on the generated token

--------------------------------------------------------------------------------------------------------------- ----------------------------------------------------

First, create an azure ad app

Go to the Azure console page and select "Azure Active Directory"

Select "App Registration"

Select New App "Program registration"

In the Created window, enter the application's "name" and "Login url", the address is pre-entered, using 3006 port, this 3006 port will be used after

The basic properties of the created application

An app was created, but the app doesn't have any permissions and needs to be added to the Access background API

After selecting the "Required Permissions", click "Add", the "Select API" appears, enter the background of the API keyword, and click on the "Select" button below

What we've chosen here is "Designer Workbench (DEV)-Backend"

After selecting the API, you need to select the permissions, when the list of permissions appears, check the permissions, OK

In addition to the "Required permissions", what I'm demonstrating here is that by creating a key and then not needing to log in, you can get the token directly

Click "Key", enter "description", and select "expire" to "Never expire", click "Save"

After saving, the generated key will be copied to the computer and saved, you need to use it later

g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy=

Ii. Generation of Tokens

Create a new Folder "Token-test" in your computer

Run command "NPM install-g Express" in folder, Global Install Express

Use "express Token-test" to generate a Nodejs project that, when completed, will be regenerated under an empty folder into a Token-test folder.

Go to token-test and install all dependent packages using the command "NPM install"

and install the Adal dependency package using the command "NPM install--save Adal-node"

and open the project with Visual Studio Code

Modify the port number in the "/bin/www" file to the 3006 port of the previous project

Before you modify the code, you need to query the URI address of the background API

After querying the URI of the background API, copy the pending

Modify the "Routes/index.js" code to

Here to parse the meaning of each parameter

Tenant: ' esquel.onmicrosoft.com ': means the domain name that is connected to the Azure service

Authorityhosturl: ' Https://login.windows.net ',: This landing address is fixed.

ClientId: ' 7e3fbc01-eda8-41de-bd80-a5a208fa12a2 ',: is the app ID of the newly added Azuread app

Clientsecret: ' g+iisbgtjkqwqcz6gxo9tw01ca59mxi8ylfe3weudwy= ': The key for the newly added Azuread app

var resource = ' https://esquel.onmicrosoft.com/705cadd7-d8b2-44f7-9c28-3841c112f04b ';: URI for background API app

Also modify the "Views/index.jade" code to

Run the command "NPM start" to run the project and open the browser, enter the address "http://localhost:3006"

Third, postman call Webapi

If Chrome is not installed postman, install postman first

Https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?utm_source=chrome-ntp-icon

After installing postman

When no token is normally used, it is inaccessible

If the header's authorization is set to "Bearer" + Space +token, you can access the API

Use Postman to access OAuth2 protected WEBAPI