Azure Active Directory & Postman

I have an Azure API app for websites that is protected by an Active Directory tenant. Through Postman, I am trying to get the OAuth2 access token using the Postman OAuth2 Helper. Getting the token requires four pieces of information: the tenant's authorization endpoint, the tenant's token endpoint, the client ID, and the client secret of the associated tenant application. It also seems that the tenant application's reply URL should include https://www.getpostman.com/oauth2/callback, which is where Postman should receive the token back into the helper.

I can't get this to work. The token access button returns an error message, but it is very difficult to decipher what the error is: the debug URL does not show anything.

Does anyone have experience trying to get an AAD OAuth access token with the Postman OAuth2 helper? If so, do you have any hints as to where I should look to debug what is happening?

+7
azure active-directory postman
4 answers

Unfortunately, the extension is missing one critical field for Azure AD. AAD needs to know what resource the token is required for, since the token will not work for all APIs for which your application has permissions. The authorization code was actually received successfully, but the request to the token endpoint fails with an error message about the missing resource identifier. Thus, you cannot use it with AAD; neither the authorization code nor the client credentials flow works.

Update: The Azure AD v2 endpoint allows you to use a scope parameter instead of a resource, which Postman supports!

+4

The resource identifier can be specified as an Auth URL parameter.

 Auth URL: https://_______________?resource=https://_________ 
+2

I am trying to use the same authentication flow with the Postman application (vs. the extension). Watching Fiddler, it looks like the authorization grant is being returned, as I see the response from the AAD form, GET https://www.getpostman.com/oauth2/callback?code=AAABAAAAiL9Kn2Z27UubvWFPbm0gLTo3oWq ....

I assume that the "code" is an authorization grant, because if I try to use it as an access token, it is unauthorized. Also, the Fiddler session responds with a 301 Moved Permanently to https://app.getpostman.com/oauth2/callback ...

This is my experience with AAD and Postman. You must first confirm that you have successfully authenticated through AAD and Postman.

0

Adapted from this post.

  • Create a dedicated postman-test application registration in the AD tenant, with permission to access your target API. Make sure it has the Postman reply URL mentioned earlier.
  • Fill out the Postman OAuth helper form with the following details:

    • Token Name - any name to save the token under.
    • Auth URL - https://login.microsoftonline.com/{tenant}/oauth2/authorize?resource={testing-appId-uri}
    • Access Token URL - https://login.microsoftonline.com/{tenant}/oauth2/token
    • Client ID - the client ID from the configure tab of the postman-test application.
    • Client Secret - the client secret copied from the settings tab of the postman-test application.
    • Grant Type - Authorization Code

Note:

  • tenant - this can be either the name of the Active Directory or the TenantId of the administrator who created the Active Directory.

  • testing-appId-uri - the App ID URI of the application you are testing. It must include http:// or https:// and does not require escaping.

0
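
The authorization-code exchange the answers above describe, as an added Python example that is not from any of the posts: it builds the v1 authorize URL with the `resource` parameter, reads the `code` from the callback, and builds the token request without sending anything. The `state` check is the standard OAuth 2.0 parameter rather than something the page mentions, and the tenant, client and resource values are supplied by the caller.

```python
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

LOGIN = "https://login.microsoftonline.com"
REDIRECT_URI = "https://www.getpostman.com/oauth2/callback"  # reply URL from the page


def authorize_url(tenant, client_id, resource, state):
    """v1 authorize URL; `resource` names the API the token is requested for."""
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,
        "resource": resource,  # App ID URI of the target API
        "state": state,        # assumption: random per-request value (standard OAuth 2.0)
    })
    return f"{LOGIN}/{tenant}/oauth2/authorize?{query}"


def code_from_callback(callback_url, expected_state):
    """Return the authorization code from the redirect, or raise on error/state mismatch."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        detail = params.get("error_description", [""])[0]
        raise ValueError(f"{params['error'][0]}: {detail}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not match this request")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]  # a one-time code, not an access token


def token_request(tenant, client_id, client_secret, code, resource):
    """Token endpoint and form body for the exchange (sent as a form-encoded POST)."""
    form = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": REDIRECT_URI,  # must match the value used at /authorize
        "resource": resource,          # the field the first answer reports as missing
    })
    return f"{LOGIN}/{tenant}/oauth2/token", form
```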