Last active
June 8, 2021 18:53
-
-
Save nzpcmad/66b2da0aa7bbdb61650ed6930b943413 to your computer and use it in GitHub Desktop.
Postman : Resource Owner Password Grant on Server 2016 - ADFS 4.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"variables": [], | |
"info": { | |
"name": "ADFS Public Resource Owner", | |
"_postman_id": "7dd4d5e3-fa83-6977-5b71-5571e8fce9f6", | |
"description": "", | |
"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json" | |
}, | |
"item": [ | |
{ | |
"name": "Token Request - Resource owner", | |
"event": [ | |
{ | |
"listen": "test", | |
"script": { | |
"type": "text/javascript", | |
"exec": "tests['Status Code is 200'] = (responseCode.code === 200);\n\nif (responseCode.code === 200) {\n \n try {\n var tokens = JSON.parse(responseBody),\n access_token = tokens.access_token;\n }\n\n catch(e) {\n console.log(e);\n }\n \n postman.setGlobalVariable(\"access_token\", access_token);\n}\n\n" | |
} | |
} | |
], | |
"request": { | |
"url": "https://my-adfs/adfs/oauth2/token", | |
"method": "POST", | |
"header": [ | |
{ | |
"key": "Content-Type", | |
"value": "application/x-www-form-urlencoded", | |
"description": "" | |
} | |
], | |
"body": { | |
"mode": "urlencoded", | |
"urlencoded": [ | |
{ | |
"key": "grant_type", | |
"value": "password", | |
"type": "text", | |
"enabled": true | |
}, | |
{ | |
"key": "username", | |
"value": "dev\\user1", | |
"type": "text", | |
"enabled": true | |
}, | |
{ | |
"key": "password", | |
"value": "some password", | |
"type": "text", | |
"enabled": true | |
}, | |
{ | |
"key": "client_id", | |
"value": "bbc...db2", | |
"type": "text", | |
"enabled": true | |
}, | |
{ | |
"key": "client_secret", | |
"value": "SrW...GoU", | |
"type": "text", | |
"enabled": true | |
}, | |
{ | |
"key": "scope", | |
"value": "openid", | |
"type": "text", | |
"enabled": true | |
} | |
] | |
}, | |
"description": "The POST request for resource owner. Again you need to fill in your own client_id and client_secret. Then click 'Send'. This will return an access token. You can see what's in the access token by copy / paste into 'jwt.io' in a browser. " | |
}, | |
"response": [] | |
}, | |
{ | |
"name": "Userinfo Request RO", | |
"event": [ | |
{ | |
"listen": "test", | |
"script": { | |
"type": "text/javascript", | |
"exec": "tests['Status Code is 200'] = (responseCode.code === 200);\n" | |
} | |
} | |
], | |
"request": { | |
"url": "https://my-adfs/adfs/userinfo", | |
"method": "GET", | |
"header": [ | |
{ | |
"key": "Authorization", | |
"value": "Bearer {{access_token}}", | |
"description": "" | |
} | |
], | |
"body": { | |
"mode": "formdata", | |
"formdata": [] | |
}, | |
"description": "An example use of the access_token. Normally you would replace the access token with the one you got from the token request! This is done autimatically. Just click 'Send'. You should get attributes like 'sub' back." | |
}, | |
"response": [] | |
} | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
http://nzpcmad.blogspot.co.nz/2016/11/postman-using-postman-for-resource.html