@rbrayb
Created April 26, 2018 19:20
Get an ADFS 2016 JWT token
{
"variables": [],
"info": {
"name": "ADFS Get a JWT",
"_postman_id": "3387aed8-7c33-0d50-20ce-596492f661a5",
"description": "Auth code flow.",
"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json"
},
"item": [
{
"name": "Auth. Code Grant",
"description": "",
"item": [
{
"name": "Authorize Request",
"request": {
"url": {
"raw": "https://my-adfs/adfs/oauth2/authorize?client_id=3b8db6ed-2060-46fa-ad9b-4f68545535ed&response_type=code&redirect_uri=http://localhost:1234&response_mode=query&scope=openid",
"protocol": "https",
"host": [
"my-adfs"
],
"path": [
"adfs",
"oauth2",
"authorize"
],
"query": [
{
"key": "client_id",
"value": "3b8db6ed-2060-46fa-ad9b-4f68545535ed",
"equals": true,
"description": ""
},
{
"key": "response_type",
"value": "code",
"equals": true,
"description": ""
},
{
"key": "redirect_uri",
"value": "http://localhost:1234",
"equals": true,
"description": ""
},
{
"key": "response_mode",
"value": "query",
"equals": true,
"description": ""
},
{
"key": "scope",
"value": "openid",
"equals": true,
"description": ""
}
],
"variable": []
},
"method": "GET",
"header": [],
"body": {
"mode": "raw",
"raw": ""
},
"description": "A sign in request to begin the OAuth 2.0 code flow. Be sure to copy & paste into a browser! Running this request in Postman will just return you the HTML of our login pages. You need to fill in your own redirect URI and clientID. You can get these from the ADFS endpoints in the wizard. Running this will ask you for your AD credentials. Note that this will return a 'HTTP Error 404.0 - Not Found' because there is no 'localhost/1234'. Just ignore and copy the code - the section after '?code=' and before the next '&'"
},
"response": []
},
{
"name": "Token Request - Auth Code",
"event": [
{
"listen": "test",
"script": {
"type": "text/javascript",
"exec": [
"tests['Status Code is 200'] = (responseCode.code === 200);",
"",
"if (responseCode.code === 200) {",
" ",
" try {",
" var tokens = JSON.parse(responseBody),",
" access_token = tokens.access_token;",
" }",
"",
" catch(e) {",
" console.log(e);",
" }",
" ",
" postman.setGlobalVariable(\"access_token\", access_token);",
"}"
]
}
}
],
"request": {
"url": "https://my-adfs/adfs/oauth2/token",
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded",
"description": ""
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "client_id",
"value": "3b8db6ed-2060-46fa-ad9b-4f68545535ed",
"type": "text"
},
{
"key": "scope",
"value": "openid",
"type": "text"
},
{
"key": "redirect_uri",
"value": "http://localhost:1234",
"type": "text"
},
{
"key": "grant_type",
"value": "authorization_code",
"type": "text"
},
{
"key": "code",
"value": "5ANr...RZG8Rc7-sKJw",
"type": "text"
}
]
},
"description": "The POST request to exchange an auth code for an access token. Be sure to replace the code with your own, that you received after signing in! Again you need to fill in your own client_id and redirect URI. Then click 'Send'. This will return an access token, an ID token and a refresh token. You can see what's in the access / ID token by copy / paste into 'jwt.io' in a browser. "
},
"response": []
}
]
}
]
}
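
The two manual steps in the request descriptions (copying the code out of the redirect URL, then inspecting the returned tokens) can be done locally in Node.js, so live tokens never have to be pasted into a web page. This is an added example, not part of the original gist; the function names, the sample redirect URL and the sample token are constructed for illustration.

```javascript
// Added example; helper names and sample values are constructed for illustration.

// Pull the authorization code out of the URL the browser lands on after sign-in.
function extractCode(redirectUrl, registeredRedirect) {
  const url = new URL(redirectUrl);
  // Reject a redirect that did not go to the redirect URI we registered.
  if (url.origin !== new URL(registeredRedirect).origin) {
    throw new Error('redirect went to unexpected origin: ' + url.origin);
  }
  const error = url.searchParams.get('error');
  if (error) throw new Error('authorization failed: ' + error);
  const code = url.searchParams.get('code');
  if (!code) throw new Error('no code parameter in redirect');
  return code; // searchParams has already percent-decoded the value
}

// Form body for the token request (sent as application/x-www-form-urlencoded).
function buildTokenBody(clientId, redirectUri, code) {
  return new URLSearchParams({
    client_id: clientId,
    scope: 'openid',
    redirect_uri: redirectUri,
    grant_type: 'authorization_code',
    code: code,
  }).toString();
}

// Decode one base64url JWT segment into an object.
function decodeSegment(seg) {
  const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Inspect a JWT locally. This only decodes; it does NOT verify the signature.
function inspectJwt(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('expected 3 dot-separated segments');
  const header = decodeSegment(parts[0]);
  const claims = decodeSegment(parts[1]);
  const expired = typeof claims.exp === 'number' && claims.exp * 1000 <= Date.now();
  return { header, claims, expired };
}

// Constructed sample token (dummy signature segment) so the block runs offline.
const b64url = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const SAMPLE_TOKEN = [b64url({ alg: 'RS256', typ: 'JWT' }),
  b64url({ aud: 'sample-client-id', exp: 1524770400, scope: 'openid' }), 'c2ln'].join('.');
console.log(inspectJwt(SAMPLE_TOKEN));
```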