How to use Postman to manually test the API?
How to use Postman to test the API manually?
First, we need to import the swagger.json file into the Postman downloadable client. See the OpenAPI integration documentation here.
In the top left corner, you should see an import button. You can import the swagger.json file or copy the link to it in this form. Once imported and analyzed, Postman will ask you to confirm your import :
Once that done, you should see the API in the sidebar under the "Collections" tab.
Since the endpoint is secured, you will have to authenticate yourself before sending a request successfully.
Postman integrates the OAuth2 Client Credentials flow to not have to do this hard part yourself.
Here's the technical bit, just to lay the technical jargon down and explain what Postman will do for us. The first step is to send a request to 'HTTPS://{{oktaDomain}}/oauth2/default/v1/token' to obtain an access token. (You can find the actual URI in the swagger.json). Then, you use this access token as a Bearer Authorization header for your requests to the API to allow us to authenticate you properly.
Inside Postman, you can place your cursor in the lower-left corner of the collection header to show the "View more actions" button.
Click and select Edit. In the Authorization tab, you should see the following form.
Using the oktaDomain value found in the swagger.json and the ClientId and ClientSecret provided by Hectre to fill this form. Note that the scope(s) specified in the swagger.json is required. Once filled, click on "Get New Access Token".
If everything went according to plan, you should have successfully received an access token. You still need to click on "Use Token" to save it in Postman.
Finally, you can click on "Update" to automatically use this access token for the following requests.
You will, at long last, be able to send requests and manually test the API!
If you click on the request under the API in the sidebar, you will see the Postman request editor. Using the OpenAPI definition, almost everything is done for you. You can see the path, the query parameters and edit them.
You need to replace the {{baseUrl}} (or even better, assign a variable) and set sensible values for the params and finally press send.