Menu
I'm testing an implementation of JWT Token based security based off the following article. I have successfully received a token from the test server. I can't figure out how to have the Chrome POSTMAN REST Client program send the token in the header.
My questions are as follows:
1) Am I using the right header name and/or POSTMAN interface?
2) Do I need to base 64 encode the token? I thought I could just send the token back.
685
We can send this token to other endpoints. This can be done easily. We have to add an authorization header in our request and this will be a Bearer TOKEN. To avoid any manual copy-pasting of JWT token, we can use variables to add a script in the Tests tab of API request which is generating token.
Click Get access token. Postman starts the authentication flow and prompts you to save the access token. Select Add token to header. Click the name of your token so Postman will add the token to the authorization header and click Send to make your request.
Bearer token The token is a text string, included in the request header. In the request Authorization tab, select Bearer Token from the Type dropdown list. In the Token field, enter your API key value. For added security, store it in a variable and reference the variable by name.
For the request Header name just use Authorization. Place Bearer before the Token. I just tried it out and it works for me.
Authorization: Bearer TOKEN_STRING
Each part of the JWT is a base64url encoded value.
123
Here is an image if it helps :)
Update:
The postman team added "Bearer token" to the "authorization tab": 
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
