On This Page
OAuth2 Authorization
Overview
This topic describes how to authenticate GraphQL APIs which use Postman or a different client using OAuth2 authentication.
Implementing Authorization Using CURL Commands
For this implementation, username and password are application level credentials.
-
Get a new access token:
curl -k \
-d "client_id=admin-cli" \
-d "username=<username>" \
-d "password=<password>" \
-d "grant_type=password" \
https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/tokencurl -k \ -d "client_id=admin-cli" \ -d "username=<username>" \ -d "password=<password>" \ -d "grant_type=password" \ https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token -
Send the request using the token:
curl -k \
--header 'Authorization: bearer <access_token>' \
--header 'Content-Type: application/json' \
--data '{"query": "query { rules(filter:\"\") { count } }"}' \
https://<TOS_IP>/v2/api/sync/graphqlcurl -k \ --header 'Authorization: bearer <access_token>' \ --header 'Content-Type: application/json' \ --data '{"query": "query { rules(filter:\"\") { count } }"}' \ https://<TOS_IP>/v2/api/sync/graphql -
To refresh the token:
curl -k \
-d "client_id=admin-cli" \
-d "grant_type=refresh_token" \
-d "refresh_token=<refresh_token>" \
https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/tokencurl -k \ -d "client_id=admin-cli" \ -d "grant_type=refresh_token" \ -d "refresh_token=<refresh_token>" \ https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token
Implementing Authorization Using Postman
-
In Postman, in the Authorization Tab, in the Type field, select OAuth2.0.
-
In the Add Authorization Data field, select Request Headers.
-
Click Get New Access Token.
The Get New Access Token window opens. -
Select or enter these values for the following fields:
Field
Value
Grant Type Password Credentials Access Token URL https://<TOS_IP>/auth/realms/tufin-realm/protocol/openid-connect/token
Client ID admin-cli Client Authentication Send as Basic Auth header -
Click Get New Access Token.
The Manage Access Tokens window opens. -
Scroll to the bottom of the window and click Use Token to use the new token.
-
Confirm that the token is populated in the Current Token section.
-
In the Request Method field, select POST and enter a the following URL:
https://<TOS_IP>/v2/api/sync/graphql
-
Click Send.
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague