This article is the second part of a two-part series. Below are the different parts of this article series.
- Securing Backend API Using OAuth with Entra ID and Azure API Management
- Configuring Postman to retrieve an OAuth 2.0 token from Entra ID for calling an API via APIM
In this article, I will guide you through configuring your Postman client to retrieve an access token from Entra ID, enabling you to call an API exposed via APIM.
For better organization, I have grouped related APIs into a collection.
Navigate to Authorization section and provide following details
You can obtain most of the required details from your client App Registration. These parameters are readily available in the Endpoints view of your client application. We covered how to create and configure a client App Registration in our previous blog post.
Following are some important parameters
#Auth URL
OAuth 2.0 authorization endpoint (v2) in the Endpoints view of your client app registration
#Access Token URL
OAuth 2.0 token endpoint (v2) in the Endpoints view of your client app registration
#Client ID
Client ID of your client app registration
#Client Secret
#Client ID
Client secret you generated within your client app registration
#Callback URL
Redirect URL from the Authentication section (Shown in below diagram)
That completes the configuration. You can now click the Get New Access Token button to interactively retrieve an access token.
Next, ensure that your API is configured to retrieve the token from the parent as shown below.
Then, you can successfully retrieve response with valid access token
No comments:
Post a Comment