Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

JHipster authentication using Postman and JWT

I'd been using the Postman in-tab extension to tests calls to call JHipster resource API's and found that it worked great (JHipster setup to use OAuth2). I authenticated using the JHipster login page, then opened up a new tab with the Postman extension.

I just switched my JHipster application to use JWT and this method of using Postman no longer works, I get permission denied when calling the API. Moreover, the in-tab extension for Postman is being deprecated in favor of the stand-alone app.

Question: Is there any documentation on setting up Postman for authenticating against JHipster/JWT?

like image 228
Jose Gulisano Avatar asked Dec 12 '16 18:12

Jose Gulisano


People also ask

How do you authenticate a JWT token in The Postman?

Bearer token Bearer tokens enable requests to authenticate using an access key, such as a JSON Web Token (JWT). The token is a text string, included in the request header. In the request Authorization tab, select Bearer Token from the Type dropdown list. In the Token field, enter your API key value.

What is Gateway application in JHipster?

The JHipster API Gateway. JHipster can generate API gateways. A gateway is a normal JHipster application, so you can use the usual JHipster options and development workflows on that project, but it also acts as the entrance to your microservices.

What is JHipster UAA server?

JHipster UAA is a user accounting and authorizing service for securing JHipster microservices using the OAuth2 authorization protocol.


2 Answers

  1. Make a POST request to /api/authenticate with the following body: {"password":"admin","username":"admin"}. You will receive the following response: {"id_token":"aabbccddeeff"}
  2. Make your subsequent requests using the value of the token received in the previous call and put in into an Authorization: Bearer aabbccddeeff
  3. You can check the status of the authentication, making a GET request to /api/authenticate endpoint
like image 191
Alessandro Dionisi Avatar answered Sep 20 '22 19:09

Alessandro Dionisi


It is possible to use Postman with a JWT JHipster app.

  1. First, authenticate with the JHipster app
  2. Inspect any API request for the Authorization header. The JWT token is the value to the right of "Bearer ". You can also find this token in the browser's localStorage under the key jhi-authenticationToken.
  3. Edit the headers in Postman and add the Authorization header. The value should look like the following:

    Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJydRkZWxsIiwiYXV0aCI6IlJPTEVfQURNSU4sUk9MRV9U0VSIiwiZXhwIjoxNDgzOTg1MDkzfQ.1A13sBvr3KDWxJQpKDKOS33KAVjWIb3mS_qfxLBOCq_LbMwNHnysAai0SNXXgudMOulAnXYN9_Mzlcv1_zctA
    
like image 20
Jon Ruddell Avatar answered Sep 21 '22 19:09

Jon Ruddell