We are exploring to switch from Insomnia to Postman.
However Postman seems to be very restricted on how authentication responses (like ID and Access token) can be used. I have looked at topics and saw a few closed tickets regarding this.
We need Access and ID token in our requests, and Insomnia makes it easy and you can access the authentication response attributes like variables and use them anywhere.
In some posts there were suggestions to create our own request to get the Access and ID token, but how our IDP is set up it doesn’t allow that, we need to follow the flow redirecting to the IDPs login page to enter userId and password.
So we would need to rely the OAuth2 implementation in Postman. It works, but we can only get either the Access or the ID token, not both, and how it can be used is very restricted.
Is there a way to access the authentication response attributes after the login (there have been a few posts suggesting that, but none of the suggestions work)?
If not is there a chance that this could be added to Postman?
This is probably one for a Postman Employee to respond to.
But I suspect this will need to be a feature request raised on the Postman Github.
You can add a parameter (if needed) under the advanced settings to return an ID and Access token if the endpoint supports it, but as you have found out, you can only set one or the other to a variable, which doesn’t help if you need both values.
The feature to allow you to select between the tokens was only implemented last year.
I would recommend a feature request that allows you to map the auth response to a variable in its entirety which you can then parse and access the various elements within. (Rather than individual key\values). This would give more flexibility and access to all of the auth data.