Using SeaCat Auth with Postman
Postman is a useful development tool for debugging apps that interact with SeaCat Auth. The major advantage is that Postman natively handles OAuth2.0 authentication and provides tools for auth token management.
- Running instance of SeaCat Auth
- Check the
[general]section in the config to make sure
public_api_base_urlvariables point to the actual URLs of your SeaCat Auth WebUI
- Check the
- Running instance of SeaCat Auth WebUI
- Auth WebUI is required for authenticating in SeaCat Auth
- Check the proxy routing (in Nginx) to make sure it points to you SeaCat Auth backend correctly
Configure your Postman environment
- Import the latest collection
from the SeaCat Auth repo (located at
- Set up a SeaCat Auth Postman environment.
The following variables need to be defined:
BASE_URLshould contain the base URL of your SeaCat API, for example
AUTH_URLshould contain the base URL of your SeaCat Auth, for example
https://my-domain.int/auth. It is used for authenticating your session.
Create an OAuth2 authorized session
- In the Collections panel, open the context menu of your SeaCat Auth collection and choose Edit.
- Navigate to Authorization tab.
- For Authorization type choose OAuth 2.0
- Request a new access token and log in to your SeaCat Auth WebUI
- Your Postman session is now authenticated!
Postman access token details
- Grant type: “Authorization Code”
- Callback URL: http://localhost:8080/???? (???)
- Auth URL: http://localhost:8080/openidconnect/authorize
- Access Token URL: http://localhost:8080/openidconnect/token
- Client Id: [any string]
- Client Secret: [any string]
- State: [empty string]
- Client Authentication: Send client credentials in the body
NOTE Some API requests will be fulfilled only if you have access to specific admin resources
Check the description of those calls to see if there is any access restriction.