How is the oauth_signature created?

I’m trying to replicate the oauth_signature that postman generates from java, with the OAuth 1.0 authentication method and the HMAC-SHA256 signature method, but it always generates different results even though I use the same data, so I’m thinking something is missing. wrong in the order I encode the key, so can someone explain to me step by step how the postman generates the oauth signature? How is the base chain assembled? What is the encoding order?

Instead of looking how Postman does it, I would recommend viewing the general OAuth 1.0 flow.

For example.

Basics of OAuth 1.0 (opengenus.org)

Then check your API to ensure that it follows that standard.

OAuth 1 is much more constrained that OAuth 2.0 which has a lot more options to consider.

It’s one thing to understand the principals of Oauth, quite another to understand what Postman is encoding into the base string that forms the basis for signature generation. Without knowing this fundamental, it is impossible to translate a successful Postman API call into an equivalent call from another code base. As so many others have pointed out in various posts, Postman generates a different signature to what is produced by code that follows the Oauth spec, which points to an unknown factor used in the Postman signature construction. All we need to know is, what are the factors involved?