OAuth 2.0 Authorization with Postman

With the help of OAuth 2.0, we shall first obtain an access token for an API. This token shall be used for authentication of all the future requests. The data access with OAuth 2.0 differs from one API access provider to another. However, it generally consists of sending requests back and forth between the user, API and the client.

OAuth 2.0 Flow

  • The client sends a request to authorize the access to the data for the user.

  • If the user permits access, then the application requests an access token from the service provider. This is done by sending the access permit from the user and authentication information to determine the client.

  • The service provider checks this information and yields an access token.

  • The client utilizes the access token to send requests for user data with the help of the service provider.

In Postman, we have to select the option OAuth 2.0 from the Type dropdown under the Authorization tab. We have to mention if we want to send the authentication information from the Request URL or Headers.

For requesting an access token, we have to fill in the details under the Configure New Tokens section.

Once a token has been successfully generated, it gets reflected under the request Headers.