On This Page

OAuth2 Authorization

Overview

This topic describes how to authenticate GraphQL APIs which use Postman or a different client using OAuth2 authentication.

Implementing Authorization Using CURL Commands

For this implementation, username and password are application level credentials.

Get a new access token:
```
curl -k \
  -d "client_id=admin-cli" \
  -d "username=<username>" \
  -d "password=<password>" \
  -d "grant_type=password" \
  https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token
```
curl -k \ -d "client_id=admin-cli" \ -d "username=<username>" \ -d "password=<password>" \ -d "grant_type=password" \ https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token
Send the request using the token:
```
curl -k \
  --header 'Authorization: bearer <access_token>' \
  --header 'Content-Type: application/json' \
  --data '{"query": "query { rules(filter:\"\") { count } }"}' \
  https://<TOS_IP>/v2/api/sync/graphql
```
curl -k \ --header 'Authorization: bearer <access_token>' \ --header 'Content-Type: application/json' \ --data '{"query": "query { rules(filter:\"\") { count } }"}' \ https://<TOS_IP>/v2/api/sync/graphql
To refresh the token:
```
curl -k \
  -d "client_id=admin-cli" \
  -d "grant_type=refresh_token" \
  -d "refresh_token=<refresh_token>" \
  https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token
```
curl -k \ -d "client_id=admin-cli" \ -d "grant_type=refresh_token" \ -d "refresh_token=<refresh_token>" \ https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token

Implementing Authorization Using Postman

In Postman, in the Authorization Tab, in the Type field, select OAuth2.0.
In the Add Authorization Data field, select Request Headers.
Click Get New Access Token.
The Get New Access Token window opens.

Select or enter these values for the following fields:

Field	Value
Grant Type	Password Credentials
Access Token URL	`https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token`
Client ID	admin-cli
Client Authentication	Send as Basic Auth header

Click Get New Access Token.
The Manage Access Tokens window opens.
Scroll to the bottom of the window and click Use Token to use the new token.
Confirm that the token is populated in the Current Token section.
In the Request Method field, select POST and enter a the following URL:

https://<TOS_IP>/v2/api/sync/graphql
Click Send.



Was this helpful?

Thank you!

We’d love your feedback

We really appreciate your feedback

Send Feedback in email

Send this page to a colleague