How can I see the raw oauth2 request payload?

I have a postman POST request to obtain a Microsoft-centric oauth2 bearer token. It works fine.

I need to see the actual request at a raw/payload level, but postman seems to abstract this away from me and I cannot find any way to view it.

For a typical request (non-oauth), I can click the “code” icon, and that gives me exactly what I need: it shows the headers, the body payload, etc. But clicking the code icon doesn’t show me the inner bowels of the authorization bearer token request.

For example:

Notice the param named Client ID. I happen to know that under the hood that is actually a POST param named client_id. No problem so far. But then we get to other params like Token Name, Callback URL, and Access Token URL. I don’t know if these are actual params or optional things. And I don’t know if they go into the headers and whether they need to be url-encoded. If actual params, what is their actual name in the payload? It would be so very nice if after executing this request (by clicking Get New Access Token), I could click a button and see the low-level items such as:

  • exact header name-value pairs
  • exact body name-value pairs
  • (even something similar to the “code” icon’s code generation)

The actual problem: I’m having all kinds of trouble getting this postman request to work in my c# app. When I run various experimental permutations, I get a different Bearer token from what postman gives me, and then when I use that bearer token in the actual API call against an endpoint, I get 401 unauthorized errors.

Important: Postman works fine, both for obtaining the bearer token AND for making the actual API call. It’s just my .net app that doesn’t work.

So I am certain that in my .NET client, either my headers are not matching postman’s headers (in the pre-call for getting the bearer token), or my POST body payload params are not matching postman’s. But I have no way to compare because I can find no way to get Postman to reveal to me the raw request headers and raw body for the oauth authentication token request. This seems like a basic thing that lots of people would want, so I apparently just don’t know how to find that.

I even tried the Capture requests functionality (Capture HTTPS traffic with Postman’s built-in proxy) but I can’t get it to work - seems to do nothing. I read documentation and got lost down rabbit holes because the cert files that are supposed to exist in %APPDATA%\Postman\proxy do not exist. In any case, capturing HTTPS traffic seems like way overkill for the simple raw headers and payload I’m trying to view.

Any help would be much appreciated.

Postman Console

Found it.

I am looking for the same, can you let me know how you got he raw OAuth2 request?

@bpetrie33

From the console log which is a fundamental part of troubleshooting.

The basics on navigating the screens are covered in the Postman learning available through the learning center on the Postman homepage.

image

Skip down to Postman Training on the next page.

From here, I recommend the Galaxy APIs 101, and Galaxy Testing and Automation as this covered all of the basics for me. I hadn’t used Postman for a few years, and I didn’t know where anything was.

image

This will include how to use the Console Logs.