Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to execute saml enabled url in Postman Client without using saml2=disabled?

I have a use case where I have to create a web API for post request. In order to develop the post request first I need to fetch the service doc. At the time of service doc request I am able to fetch the service doc via Chrome Browser where it prompts for basic auth and Identity provider i.e. saml.

Now I have to fetch the same request via Postman client. In Postman client I provide necessary headers like content-type, Authentication etc. But I am not able to fetch the data.

sceenshot.

enter image description here

Service Doc Basic Auth ScreenShot enter image description here

service doc IDp screenshot: enter image description here

DATA via browser:

enter image description here

Postman client says your browser does not support javascript please enable it. after enabling getting same error.

Actually I don't have access to the admin cockpit where this service is hosted.

Please help.

Thanks, Abhijeet

like image 233
Abhi Avatar asked Dec 18 '22 21:12

Abhi


1 Answers

Postman supports REST API but SAML is based on browser redirects.

Postman does support OpenID Connect / OAuth that is REST based.

The reason it asks for Javascript is that the SAML login form relies on Javascript to redirect. Otherwise you just see the Submit button.

The problem is that SAML and OAuth are different protocols with different token types. SAML is XML with lots of assertions (claims) and OAuth is JSON with essentially a canned set of attributes.

Postman requires a JWT token. It won't work with a SAML token.

The references you see on the web about Postman / SAML refer to logging in to the Postman Enterprise edition with SAML to get SSO.

like image 72
rbrayb Avatar answered Jan 18 '23 16:01

rbrayb