7
votes

I've recently started using Postman and I've started testing an endpoint that has been secured using AWS Cognito. I've setup the OAuth 2.0 Authorization section in Postman correctly and I'm getting a response with 3 types of tokens: id_token, access_token and refresh_token. By default, Postman is putting the access_token in the Authorization header and I need to use the id_token. Is there any way I can extract the id_token from the response and use it in my requests? I think there should be a way to pass it onto a global/environment variable so I can define the header myself using that.

1
id_token is not part of oauth2. there is no identity management in oauth, just authorization one.Gab
I understand. One of my issues is that Postman uses one type of token by default after successful authorization. There's only a "Use Token" option which takes the access_token.escape_artist
This is the problem I'm facing as well. I need to get the JWT which is coming as an id_token and use that for authorization with APIsEli Pulsifer

1 Answers

0
votes

You can create two request first to get id_token and set environment variable and then to check your endpoint using that variable in headers.

You can extract id_token using tests (AKA post-request script) and create and set an environment variable. Then use it in next request in header as {{your_variable name}}.

See https://learning.getpostman.com/docs/postman/scripts/test_examples/ for more details.