Hi All
I have 2 step auth fetching a Bearer token with which I am automatically populating a environmental variable {{authToken}} for use in a GET request.
The GET request is correctly called with the token but I get a 401 returned thus -
{{baseUrl}}/api/products
401 Unauthorized
But at the same time I am returned a body with payload
"Response Body": "{\n \"type\": \"laborum aliquip\",\n \"title\": \"commodo fugiat ea laborum\",\n \"status\": -37650809,\n \"detail\": \"laborum sit\",\n \"instance\": \"ad ipsum ullamco\"\n}"
Below is the console output, any ideas please
08:51:52.057 POST https://frr-dev.auth.us-east-2.amazoncognito.com/oauth2/token: {
“Network”: {
“addresses”: {
“local”: {
“address”: “172.17.0.2”,
“family”: “IPv4”,
“port”: 36932
},
“remote”: {
“address”: “3.22.200.17”,
“family”: “IPv4”,
“port”: 443
}
},
“tls”: {
“reused”: false,
“authorized”: true,
“authorizationError”: null,
“cipher”: {
“name”: “ECDHE-RSA-AES128-GCM-SHA256”,
“standardName”: “TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256”,
“version”: “TLSv1.2”
},
“protocol”: “TLSv1.2”,
“ephemeralKeyInfo”: {
“type”: “ECDH”,
“name”: “prime256v1”,
“size”: 256
},
“peerCertificate”: {
“subject”: {
“commonName”: “.auth.us-east-2.amazoncognito.com",
“alternativeNames”: "DNS:.auth.us-east-2.amazoncognito.com, DNS:auth.us-east-2.amazoncognito.com, DNS:.auth-fips.us-east-2.amazoncognito.com, DNS:auth-fips.us-east-2.amazoncognito.com"
},
“issuer”: {
“country”: “US”,
“organization”: “Amazon”,
“organizationalUnit”: “Server CA 1B”,
“commonName”: “Amazon”
},
“validFrom”: “Mar 29 00:00:00 2021 GMT”,
“validTo”: “Apr 27 23:59:59 2022 GMT”,
“fingerprint”: “E3:F5:E4:1B:19:DB:F8:E5:A9:45:FA:91:9F:F1:78:46:41:AE:9A:D3”,
“serialNumber”: “0E828E74B1F5DEA9DF5A228813283301”
}
}
},
“Request Headers”: {
“user-agent”: “PostmanRuntime/7.28.0”,
“accept”: "/",
“cache-control”: “no-cache”,
“postman-token”: “f710e970-e41d-45a1-bceb-b9825272b40a”,
“host”: “frr-dev.auth.us-east-2.amazoncognito.com”,
“accept-encoding”: “gzip, deflate, br”,
“connection”: “keep-alive”,
“content-type”: “application/x-www-form-urlencoded”,
“cookie”: “XSRF-TOKEN=87fe7771-6abe-491f-a0e4-4c7f025b782a”
},
“Request Body”: {
“client_id”: “2d8t2gu9tg4s1il9fkplkajqvv”,
“client_secret”: “snid87pvn5kbmk8m4q5ufbj15h1r0hso075guo98jqrt0nv5sk2”,
“scope”: “https://drr-dev.auth.us-east-2.amazoncognito.com/read”,
“grant_type”: “client_credentials”
},
“Response Headers”: {
“date”: “Thu, 27 May 2021 07:51:51 GMT”,
“content-type”: “application/json;charset=UTF-8”,
“transfer-encoding”: “chunked”,
“connection”: “keep-alive”,
“x-amz-cognito-request-id”: “70ec8807-c407-409b-8510-e4ec644e1066”,
“x-application-context”: “application:prod:8443”,
“x-content-type-options”: “nosniff”,
“x-xss-protection”: “1; mode=block”,
“cache-control”: “no-cache, no-store, max-age=0, must-revalidate”,
“pragma”: “no-cache”,
“expires”: “0”,
“strict-transport-security”: “max-age=31536000 ; includeSubDomains”,
“x-frame-options”: “DENY”,
“server”: “Server”
},
“Response Body”: “{"access_token":"eyJraWQiOiJ5UHNlZHFLYzE1eUFQb2hnWjJJUUgzNHZwdjUzaE1YWG4zT01NcnlUWFhzPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiIyZDh0Mmd1OXRnNHMxaWw5ZmtwbGthanF2diIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiaHR0cHM6XC9cL2Zyci1kZXYuYXV0aC51cy1lYXN0LTIuYW1hem9uY29nbml0by5jb21cL3JlYWQiLCJhdXRoX3RpbWUiOjE2MjIxMDE5MTEsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTIuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0yX2l4VkI3MXRBciIsImV4cCI6MTYyMjEwNTUxMSwiaWF0IjoxNjIyMTAxOTExLCJ2ZXJzaW9uIjoyLCJqdGkiOiI2MzUwODU4ZC00NzdmLTRkZjItYWE5Ny05NjYyYTczYzRjZjQiLCJjbGllbnRfaWQiOiIyZDh0Mmd1OXRnNHMxaWw5ZmtwbGthanF2diJ9.rDMbH7Pu0zGp52VbSp6qeZ7jcZRUHPbLFGq_DNYgmYINbARuQDPx0QZTIFxQ7_-Wbde-dYkBX1qyzct-FBBrDG03UtBnxV3fFfkrheH5YmTaGPocCFTRi78MIPyBSNQnNa0lzAqYLRGquq-1_2l6IOVdVt8M3XNI9WFneqOkoxTA6ykn9roK32itIeMFhxTFbIQzEi6sEj2yp5KejNFHXsS4QjeF6Kfk3iG7royUfMo96LdRxN0IOQhKG-RoJ3kyxpTisEXlJO3Zh4lfVGp6iETkAZIvNrL2IUhfk8oRGBMa8oxYFSG4-TwXJB4gYQKd85Hkq2J_O8seUp0Utj_HQ","expires_in":3600,"token_type":"Bearer"}"
}
08:52:27.688 GET https://c55b92ff-38f7-4197-b5ca-14516bdeaa95.mock.pstmn.io/api/products: {
“Network”: {
“addresses”: {
“local”: {
“address”: “172.17.0.2”,
“family”: “IPv4”,
“port”: 46970
},
“remote”: {
“address”: “54.152.194.68”,
“family”: “IPv4”,
“port”: 443
}
},
“tls”: {
“reused”: true,
“authorized”: true,
“authorizationError”: null,
“cipher”: {
“name”: “ECDHE-RSA-AES128-GCM-SHA256”,
“standardName”: “TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256”,
“version”: “TLSv1.2”
},
“protocol”: “TLSv1.2”,
“ephemeralKeyInfo”: {},
“peerCertificate”: {}
}
},
“Request Headers”: {
“authorization”: "Bearer eyJraWQiOiJ5UHNlZHFLYzE1eUFQb2hnWjJJUUgzNHZwdjUzaE1YWG4zT01NcnlUWFhzPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiIyZDh0Mmd1OXRnNHMxaWw5ZmtwbGthanF2diIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiaHR0cHM6XC9cL2Zyci1kZXYuYXV0aC51cy1lYXN0LTIuYW1hem9uY29nbml0by5jb21cL3JlYWQiLCJhdXRoX3RpbWUiOjE2MjIxMDE5MTEsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTIuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0yX2l4VkI3MXRBciIsImV4cCI6MTYyMjEwNTUxMSwiaWF0IjoxNjIyMTAxOTExLCJ2ZXJzaW9uIjoyLCJqdGkiOiI2MzUwODU4ZC00NzdmLTRkZjItYWE5Ny05NjYyYTczYzRjZjQiLCJjbGllbnRfaWQiOiIyZDh0Mmd1OXRnNHMxaWw5ZmtwbGthanF2diJ9.rDMbH7Pu0zGp52VbSp6qeZ7jcZRUHPbLFGq_DNYgmYINbARuQDPx0QZTIFxQ7-Wbde-dYkBX1qyzct-FBBrDG03UtBnxV3fFfkrheH5YmTaGPocCFTRi78MIPyBSNQnNa0lzAqYLRGquq-1_2l6IOVdVt8M3XNI9WFneqOkoxTA6ykn9roK32itIeMFhxTFbIQzEi6sEj2yp5KejNFHXsS4QjeF6Kfk3iG7royUfMo96LdRxN0IOQhKG-RoJ3kyxpTisEXlJO3Zh4lfVGp6iETkAZIvNrL2IUhfk8oRGBMa8oxYFSG4-_TwXJB4gYQKd85Hkq2J_O8seUp0Utj_HQ”,
“accept”: “text/plain”,
“user-agent”: “PostmanRuntime/7.28.0”,
“cache-control”: “no-cache”,
“postman-token”: “0d3e7e54-489a-4a8d-9da9-15d57c57e535”,
“host”: “c55b925f-38f7-4197-b5ca-14516bdeaa95.mock.pstmn.io”,
“accept-encoding”: “gzip, deflate, br”,
“connection”: “keep-alive”
},
“Response Headers”: {
“date”: “Thu, 27 May 2021 07:52:27 GMT”,
“content-type”: “application/json; charset=utf-8”,
“content-length”: “150”,
“connection”: “keep-alive”,
“server”: “nginx”,
“x-srv-trace”: “v=1;t=abd55e34e437ba9a”,
“x-srv-span”: “v=1;s=154c00a79e2f5ef7”,
“access-control-allow-origin”: "”,
“x-ratelimit-limit”: “120”,
“x-ratelimit-remaining”: “117”,
“x-ratelimit-reset”: “1622101987”,
“etag”: “W/"96-dxvMF9rXhEEVZd8KJK0BUhR/FYE"”,
“vary”: “Accept-Encoding”
},
“Response Body”: “{\n "type": "laborum aliquip",\n "title": "commodo fugiat ea laborum",\n "status": -37650809,\n "detail": "laborum sit",\n "instance": "ad ipsum ullamco"\n}”
}