Oauth 2 does no work with redirect

supply-pilot-2083005 · January 8, 2025, 11:57am

Hi Community Experts

I am trying to use postman to test the workings of a REST service that uses an OAuth2 authentication.
Both the token URL and the service URL are implemented on a docker container.
This means that the initial URL gets redirected.
The Token URL HTTP://server.dom.ct/gettoken gets redirected to HTTPS://server-02.dom.ct:450/oauth/token
and the service URL gets redirected from HTTP://server.dom.ct/get/abc to HTTP://server-02.dom.ct:450/get/abc

To get the token I need to send (using POST) the client_id and client_secret to the token URL.
The token that is returned from the first url needs to be sent as “bearer” authorization in the request header in the
following GET operation to the service URL

“manual scenario” runs OK
I have configured the request to use OAuth2 ( Type OAuth2.0; Add authorization data to: Request Headers)

adapted settings
And I have also switched the following settings of the GET request to ON
Automatically follow redirects: ON (so a redirect gets executed)
Follow original HTTP Method: ON (so the change from POST to GET during the redirect is left alone and POST is used)
Follow Authorization header: ON (so the authorization header used with the GET request is also used in the redirected GET request

In the Autorization tab of the request I have replaced the HTTP://server.dom.ct/gettoken manually
with HTTPS://server-02.dom.ct:450/oauth/token

I start my test by acquiring a new token.
In the console I can see that HTTPS://server-02.dom.ct:450/oauth/token is used and produces a new token.
I accept the token and press the blue SEND button to send the request and subsequently I get the expected output from the request

“automatic scenario”
Now here is what I would like to change: I would prefer to be able to use the (non-redirected) URL for the token HTTP://server.dom.ct/gettoken
instead of the redirected (HTTPS://server-02.dom.ct:450/oauth/token)

If I do that in the above scenario changing
On the authorization tabAccess TOken URL to HTTP://server.dom.ct/gettoken
(leaving Client_id and Client_secret as is)
(leaving the changed settings as above)

When pressing the blue SEND button I get an error

The console shows:
POST HTTP://server.dom.ct/gettoken 301
GET HTTPS://server-02.dom.ct:450/oauth/token 405
Error: Could not complete OAuth 2.0 token request

Apparently the “automatically follow redirects” seems to work
however the setting “Follow Original HTTP Method” does not work (POST becomes a GET) in the token acquisition phase

Any help Greatly appreciated

Regards Wouter

Topic		Replies	Views
How to simulate oAuth 2.0 flow in Postman with Authorization Code Ask the Experts and Postman Tips oauth2 , oauth2-token	7	63067	June 19, 2021
Trying to redirect to a specific URL after a POST New to APIs/Postman tests , post	2	602	March 3, 2024
Where can I find the code for Postman OAuth 2.0, it generates access token without redirecting to the default redirect uri which is fantastic! Ask the Experts and Postman Tips oauth-20	1	2295	August 21, 2018
OAuth 2.0 web authentication New to APIs/Postman twitter	1	9567	April 21, 2022
How to pass access token url in authentication flow oauth2 Ask the Experts and Postman Tips oauth2	1	1088	December 20, 2023

Oauth 2 does no work with redirect

Related topics