Open in app

Sign in

Write

Sign in

Persisting the bearer token in Postman

Rory Braybrook
The new control plane
Published in
Dec 6, 2023
Image of Ooghduyne token
Ooghduyne token — Donald Trung, CC BY-SA 4.0 <https://creativecommons.org/licenses/by-sa/4.0>, via Wikimedia Commons

Mainly writing this for myself so I can refer back to it.

I wrote this post around client credentials in Azure AD B2C.

To test it, I had to copy/paste the access_token from the client credentials call to the bearer token in the API call.

You can automate it.

So first, we call the client credentials flow.

Note the test script to save the access_token in the environment.

The text is:

var jsonData = JSON.parse(responseBody);

pm.environment.set("access_token", jsonData.access_token);
Image of above code inside the “Tests” tab

The environment looks like this:

Image of environment showing “access_token”

Then, for the next request to the API:

Image of Aouthorization tab, type = bearer, text = {{access_token}}

So the access_token from step 1 is automatically added as a bearer token in step 2 and you don’t have to copy and paste it all the time.

All good!

Postman
Bearer Token
Authentication
Jwt Token

--

--

Rory Braybrook
The new control plane

Written by Rory Braybrook

720 Followers
Editor for

NZ Microsoft Identity dude and MVP. Azure AD/B2C/ADFS/Auth0/identityserver. StackOverflow: https://bit.ly/2XU4yvJ Presentations: http://bit.ly/334ZPt5

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams