Oauth1 requests stopped working in Postman v5.3.2


I updated the Postman desktop client to v5.3.2. I have a lot of collections which use OAuth 1.0. They all have stopped working since the update.
Every time I try to hit Send, it ends up in an “Invalid or expired Token” error.
I have tried the following:

  • Cleared the Authorization Key/Value under the Headers tab of the collection.
  • Switched between ‘Request Headers’ and ‘Request Body / Request URL’ under the ‘Add authorization data to’ option under the Authorization tab.
  • Deleted the collection and re-imported.

Anybody else encountered such an issue? Additional suggestions?

Thank you.


This could be because one time generated nonce and timestamp could have been saved with your request. These become invalid over time and when Postman tries to calculate signature with the outdated values, you are seeing this error.

Instead you can empty the values for Nonce and Timestamp to allow Postman to compute a new value automatically for every request.

Removing the Nonce and Timestamp from your OAuth 1.0 request should solve this

The reason it used to work before was Postman was overwriting these values for every request send. These was not ideal for two reasons, 1. It wasn’t acurate always and 2. It cleared user data. We’ve talked about this in our blog here


Yes, that did the trick!
Thank you for your help.