Create a gist now

Instantly share code, notes, and snippets.

Postman : Resource Owner Password Grant on Server 2016 - ADFS 4.0
{
"variables": [],
"info": {
"name": "ADFS Public Resource Owner",
"_postman_id": "7dd4d5e3-fa83-6977-5b71-5571e8fce9f6",
"description": "",
"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json"
},
"item": [
{
"name": "Token Request - Resource owner",
"event": [
{
"listen": "test",
"script": {
"type": "text/javascript",
"exec": "tests['Status Code is 200'] = (responseCode.code === 200);\n\nif (responseCode.code === 200) {\n \n try {\n var tokens = JSON.parse(responseBody),\n access_token = tokens.access_token;\n }\n\n catch(e) {\n console.log(e);\n }\n \n postman.setGlobalVariable(\"access_token\", access_token);\n}\n\n"
}
}
],
"request": {
"url": "https://my-adfs/adfs/oauth2/token",
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded",
"description": ""
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "password",
"type": "text",
"enabled": true
},
{
"key": "username",
"value": "dev\\user1",
"type": "text",
"enabled": true
},
{
"key": "password",
"value": "some password",
"type": "text",
"enabled": true
},
{
"key": "client_id",
"value": "bbc...db2",
"type": "text",
"enabled": true
},
{
"key": "client_secret",
"value": "SrW...GoU",
"type": "text",
"enabled": true
},
{
"key": "scope",
"value": "openid",
"type": "text",
"enabled": true
}
]
},
"description": "The POST request for resource owner. Again you need to fill in your own client_id and client_secret. Then click 'Send'. This will return an access token. You can see what's in the access token by copy / paste into 'jwt.io' in a browser. "
},
"response": []
},
{
"name": "Userinfo Request RO",
"event": [
{
"listen": "test",
"script": {
"type": "text/javascript",
"exec": "tests['Status Code is 200'] = (responseCode.code === 200);\n"
}
}
],
"request": {
"url": "https://my-adfs/adfs/userinfo",
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{access_token}}",
"description": ""
}
],
"body": {
"mode": "formdata",
"formdata": []
},
"description": "An example use of the access_token. Normally you would replace the access token with the one you got from the token request! This is done autimatically. Just click 'Send'. You should get attributes like 'sub' back."
},
"response": []
}
]
}