I've recently started using Postman and I've started testing an endpoint that has been secured using AWS Cognito. I've setup the OAuth 2.0 Authorization section in Postman correctly and I'm getting a response with 3 types of tokens: id_token, access_token and refresh_token. By default, Postman is putting the access_token in the Authorization header and I need to use the id_token. Is there any way I can extract the id_token from the response and use it in my requests? I think there should be a way to pass it onto a global/environment variable so I can define the header myself using that.
7
votes
id_token is not part of oauth2. there is no identity management in oauth, just authorization one.
– Gab
I understand. One of my issues is that Postman uses one type of token by default after successful authorization. There's only a "Use Token" option which takes the access_token.
– escape_artist
This is the problem I'm facing as well. I need to get the JWT which is coming as an id_token and use that for authorization with APIs
– Eli Pulsifer
1 Answers
0
votes
You can create two request first to get id_token
and set environment variable and then to check your endpoint using that variable in headers.
You can extract id_token using tests
(AKA post-request script) and create and set an environment variable. Then use it in next request in header as {{your_variable name}}.
See https://learning.getpostman.com/docs/postman/scripts/test_examples/ for more details.