8/5/2023 0 Comments Postman hatsThe second field is the API end point that you want to test against. From there, you can select what action to perform. In the preceding screenshot, I highlighted the two basic fields to provide. After that, you should be presented with the following display: To make a new Http request like GET, POST, PUT, PATCH or DELETE, simply click the + symbol as highlighted from the preceding screenshot. The following screenshot shows the Postman app running on my machine using v8.0.6 - the latest version as of this time of writing. If you haven't installed it yet, go ahead and download it here.Īfter downloading, install it in your machine so you can start testing. In fact, it offers a ton of features that makes it a power tool for managing and testing APIs. Postman is really a handy tool to test API’s without having you to create a UI and it’s absolutely free. But if haven't tried using Postman before and would like to know how to use it to test your Web APIs, then keep reading as I'll show you how we can easily setup the configuration for you to be able to test protected Web APIs. If you've been using Postman to peform basic Web API testing, feel free to skip this part. So without further ado, let's jump right into it. In this post, we're going to look at how to use Postman for making a simple basic API request, explore the various ways to configure generating tokens, and ultimately automating them. Sure, you can use Swagger or any other platforms to test your Web APIs, but I personally prefer Postman because I'm comfortable with it and it offers more advance features that you can't do with Swagger. Instead, we can take advantage of some available platforms that will act as the client proxy to test out Web APIs - Postman is one of them. But as a developer, we don't want to create a client application just to test out our APIs. This could be your own custom hosted Auth Server, an Azure B2C, AWS Cognito, IdentityServer4, OAuth0, Okta, you name it. When our APIs are decorated with the attribute, the requesting clients should provide the access token generated from the Authorization Server and pass it as a Bearer Authorization Header before clients can be granted access to our API endpoints.Ī client could be a Browser, Web App, Mobile App, Desktop App, another Web API or daemon/service that runs on the background and consumes your APIs - basically, any type of applications and services that support Http protocol.Īuthorization Server or sometimes referred to as "Token Server" is the service issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization. In ASP.NET Core, this is done by configuring our Web APIs with a "Bearer" authentication scheme. Most Web APIs (if not all) are protected with JSON Web Tokens (JWT). This post will highlight the various ways on how to configure Postman with Authorization header and ultimately automating the process. Bear in mind that we won't be creating a Web API project on this post. So, you've done creating your Web APIs and you wanted to test them and not sure how to start? Read on, as we'll explore how we can easily configure Postman to test protected Web API endpoints.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |