I am able to get my oauth2 token using implicit grant type and ID Token using insomnia, but getting object object error when doing from postman manually,
I have set response_type to ID Token,any tried and tested methods
I get the pop up to enter id and password for oauth flow, but i get object object after two Get is there some script anyone has used before on this?
What do you mean by script?
The Implicit flow requires user interaction, You can’t mimic this workflow in a pre-request script, so you need to use the Postman Authorization helper (aka the Auth tab).
Looks like you are using Microsoft, and I have lots of examples but not using the Implicit flow.
You don’t generally get to see the underlying auth requests in the console logs, so I’m not sure what is producing the two Microsoft entries you have in your console logs so can you show a screenshot of your auth tab (and any relevant scripts but as mentioned before, you can’t script this one, you will need to use the auth helper).
Things to check are the redirect URL’s. You might need to add Postman as a valid redirect in your application auth settings.
The following is a decent article that explains the Implicit Grant Type flow.
What is the OAuth 2.0 Implicit Grant Type? | Okta Developer
Worth reading the bit about when to use this flow, as its not generally recommended anymore vs the more secure Authorization code flow with PKCE for single page apps.
Thanks @michaelderekjones for quickly replying
I will try to look more in to generating using oauth 2.0 implicit flow and will ask again if am blocked today
@michaelderekjones I am getting token in response by receiving an error on login, is it possible to copy the token from response even with error using a script and not manually
Sorry, I can’t really work out what that screenshot is showing.
Normally, the auth helpers do not show the underlying auth request in the console logs.
So I’m unsure what is showing in your console log, or how its being produced (to work out if you can access any of the information in a script).
My advice is that you need to fix the authentication so that the error does not appear on login.
Include a screenshot of the authentication tab settings. (Redacted as as appropriate).
What API are you using, and are there API specifications\instructions on usage (including authentication).
What authentication provider are you using. One that comes with the API, or a third party one like Google or Microsoft?
