Task 3: Test the Workflow
The Test the Workflow endpoints perform the following actions:
-
Send an authorization request.
-
Perform any sign-on actions.
-
Return an access token.
The authorization and token endpoints that you’ll call to test the workflow require an application ID and secret to complete the sign-on action. The Postman collections that accompany these flows use the application you created in the Configure Your Environment collection.
What you’ll do
You will complete a sign-on flow and then verify that the application permissions you assigned to the application role exists in the token claims.
-
POST request to the authorize endpoint.
-
POST request to submit the user’s login credentials.
-
POST request to get the access token.
-
POST request to call the token introspection endpoint.
|
If you choose to use an alternate application, be aware that the variables in the Postman collections point to the application ID and secret that you created in the Environment Configuration collection. You must change these values manually either in your Postman environment or in the endpoint’s URL or parameters to run the request using your alternate application. |