PingAM 7.5.0

Grant flows collection

Use the OAuth 2.0 and OpenID Connect Postman collection to try out AM flows. The REST calls and their prerequisites are provided as a downloadable JSON file collection.

  1. Download and install Postman.

  2. Download the OAuth 2.0 and OpenID Connect Collection.

  3. Import the collection in Postman:

    • Go to File > Import …​ > Upload Files.

    • Select the collection you downloaded, and click Open. Then, click Import.

  4. Configure the collection’s variables to suit your environment:

    • In Postman, on the Collections tab, select the OAuth 2.0 and OpenID Connect Collection. Click the …​ button, and then on Edit.

    • Click on the Variables tab, and change at least the value of the following variables:

      • URL_base

      • admin_password

    • Click Update to save your changes.

      You are ready to start running the collection.

The collection is divided into the following folders:

  • Prerequisites, containing REST calls to configure AM as an authorization server, and to create the clients and users required to run the collection.

  • OAuth 2.0 Flows, containing the flows explained in OAuth 2.0 grant flows.

  • OpenID Connect Flows, containing the flows explained in OpenID Connect grant flows.

    The Backchannel (CIBA) grant is not included, since it requires push notifications and an additional device to work.

  • Refresh Token Flow, containing calls explained in Refresh tokens and /oauth2/token/revoke.

  • Token Exchange Flows, containing the token exchange flows explained in Token exchange.