Using Fiddler to call Authorized ASP.NET Web API endpoints

Api endpoint using standard Authorization

This post will contain absolutely zero fluff and will cut to the chase… here is it is. (This assumes you’re using a default Web API web project)

Step 1. Start your website in Visual Studio.

Step 2. Copy the url of your running website and open Fiddler.

Step 3. Click the Composer tab in Fiddler, select ‘POST’, paste your url and add ‘/Token’ at the end (this is the default authorization endpoint that ASP.NET uses for granting tokens). In the Request Body section paste the following:

grant_type=password&username=myusername&password=mypassword

Change the appropriate values (you will have to url-encode special characters) and click Execute.

Step 4. Hopefully you got a 200 response on the left side result panel. Double-click the result to view the output and click the Raw button.

Step 5. Copy the entire string value for ‘access_token’. You’re now ready to test your actual endpoint.

Step 6. Click on the Composer tab again, pick the right verb type for your endpoint, and enter the full url.

Step 7. In the box below the url enter the following:

Authorization: Bearer {access_token}

Paste in your full access token and click Execute.

Your authenticated endpoint should respond to your request at the point.