To generate “Access Token”, follow the steps below:
- Open API Testing Tool:
- Launch your API testing tool, such as Postman.
- Create a New Request:
- Create a new request in the tool for the API you want to test.
- Configure Authorization:
- Click on the “Authorization” section in your request tab.
- Select OAuth 2.0 as the Authorization Type:
- In the Authorization section, choose “OAuth 2.0” as the authorization type.
- Generate a New Token:
- In the OAuth 2.0 section, you should see an option called “Generate New Token.”
- In that section, you need to add Request Parameters as mentioned below:
- Enter the Token Name
- Select the value “Authorization Code (With PKCE)”
Specify the Callback URL that you registered during the app registration.
For ex: In the case of Postman we have an option called, “Authorize using Browser” If selected, it will give you default callback URL otherwise, you have an option to add your custom Callback URL.
- Ensure that the Callback URL is the same as the one used earlier when generating your Client ID and Client Secret.
- Specify the end points that we are using for Authorization Server. It will be used to get an Authorization Code.
- For example: we can use ” https://accounts.vryno.com/oidc/auth “.
Access Token URL:
- Specify the end points that we are using for Authorization Server. It will be used to exchange the Authorization code for an Access Token .
- For example: we can use ” https://accounts.vryno.com/oidc/token “.
- Specify Client ID obtained from the app registration.
- Specify Client secret obtained from the app registration.
Code Challenge Method:
- Select the value as “SHA-256”
- Enter the value as “openid vryno_offline_access”.
These steps will help you configure your API request using OAuth 2.0 with your Client ID and Secret for authentication and authorization.
Once you have entered all the information, you need to scroll down and click on, “Get New Access Token”.
You will be redirected to the browser for an Authentication and once your call is authenticated you will be able to see the attached screenshot.
Once Authenticated, it will redirect to the Postman app and you will be able to see your token details such as Access Token and Refresh Token, as shown below