Login credentials in Oauth2 popup window

dougleenhoutsvivint · 10 February 2023 18:51

Your question may already have an answer on the community forum. Please search for related topics, and then read through the guidelines before creating a new topic.

Here’s an outline with best practices for making your inquiry.

My question: How do you use username & password variables in the oauth2 login window?

Details (like screenshots): I’ve got usernames & passwords of test accounts saved as variables, but I’d like to use them in our oauth2 flow to get authorization tokens. The login popup that appears when I hit the “Get New Access Token” button seems like it can only accept hand-typed credentials. How do you use the oauth2 auth flow when you’re running an entire folder or collection that depends on that token? Does it have to be a manual process every time?

How I found the problem: Our plain old cookie-based authorization is just a POST to a /login endpoint with a {{username}} and {{password}} body, so when this request is run at the beginning of a collection run, it sets the cookie, then the rest of the requests in the collection run with that session cookie. There doesn’t seem to be an equivalent way to “pass a stored username & password” into the oauth2 window.

I’ve already tried: Googling & stack-exchanging.

w4dd325 · 10 February 2023 20:24

Hi @dougleenhoutsvivint

Are you using the oauth2 option in the Authorization tab?

You should be able to use the “Token Name” as a variable

dougleenhoutsvivint · 10 February 2023 20:38

I am using the Authorization tab - but before you get the token you have to pass in a username/password, either in a Postman popup, or in a browser if you’ve got “Authorize using browser” selected.

How do I pass a username/password into those fields programmatically?

w4dd325 · 10 February 2023 21:11

your endpoint must behave differently to the one I use for work as when I feed it a clientID and clientSecret I don’t get a redirect like you describe.

dougleenhoutsvivint · 13 February 2023 16:24

If you select “Authorize using browser”, then press the “Get New Access Token” (assuming cookies are cleared too), don’t you get redirected to a chrome/ff/IE/safari window with a username/pw prompt?

dougleenhoutsvivint · 22 February 2023 17:27

Anyone have any insight? There’s got to be a way to run a collection without having to manually enter a username and password, right?

w4dd325 · 7 March 2023 09:17

I have a call like this, that grabs a token using the client_id / client_secret.
This doesn’t redirect, it just spits a bearer token into the response that I save as a variable and then pass in to all proceeding calls.