Topic may seem easy to you but, please read my question. I couldn’t find what I need .
So I know how to send requests from postman. I know sending requests from java , or .net APIs.
I am trying to learn using keycloak, learnt a lot. But all of the sources online says click this collection name on postman
then enter values in this section, and then get access token.
I can successfully get token by doing this. But how can I apply postman’s get authorization
function at an API.
For example I have a dotnet API or console project, how can I send auth request like postman’s this section does.
Please, beware its not a simple request being sent to an url.
If my question is unclear please comment.
—
Update. For those who are confused, I have come this far, this is sample rest request and it executes without error. But I need an redirectUri, I need to find out how to open an login window. What should I do.
2
Answers
Right Click on the Folder — >
if you are looking to get the code for it, postman generate the code snip, which you can git it from
The authorization "helpers" in Postman are just that.
They are meant to help with the authorization steps, in particular where there is user intervention that requires the browser that you can’t replicate programmatically.
If you want to implement this in an application, then you should read the authorization flow documentation provided by the relevant OAuth 2.0 provider.
They will be nearly identical as OAuth 2.0 is an standard, but its worth looking at the ones for the particular OAuth provider you are using. In this case Keycloak (although I couldn’t quickly find the flow diagrams on the Key Cloak website).
Here are the Microsoft docs for the Authorization Code Flow.
https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow
It includes a link to a Postman collection that shows the general flow without using the helpers which you might want to consider doing if you are trying to replicate the flow as the helpers aren’t going to help in that regard.
https://app.getpostman.com/run-collection/f77994d794bab767596d
From here, once you have the requests working, you can potentially use the code snippets feature in Postman to generate code for the relevant programming language. (This example is using the password grant type specifically because of the issues with the user interaction).
Here is another link from Redhat which talks about mocking for testing.
https://www.redhat.com/architect/oauth-20-authentication-keycloak
When you submit your http request to the key cloak API, it should handle the opening of the login page and the redirects.
Your redirectUri should be defined when you register the client in Keycloak.