Set up "listener" for OAuth2.0 callbacks

My question: I would like to “listen” for when someone sends an OAuth2.0 authorization token to Postman from a third party API. I have registered an app with the third party and can provide any callback URL to this app. I assume I need to set something up in Postman so that when this URL is hit, a collection of requests is automatically triggered that takes the authorization code from the URL and then swaps this for an access token etc.

Details (like screenshots): I am guessing the workflow would be something like this:

  1. User clicks a static link (e.g., from an email)
  2. User is taken to third party OAuth2.0 authentication window
  3. User authenticates and authorization code is sent in callback URL
    4. Postman awakens when the callback URL is hit and extracts the authorization code
  4. Postman saves this code to a variable and triggers a standard OAuth2.0 collection of requests to exchange the authorization token for an access/refresh token etc.

How I found the problem: Step 4 is where I am seeking some advice

I’ve already tried: Creating an API definition for a post request, but I’m not really sure what I’m doing…

Sounds like you are trying to use Postman as middle ware which isn’t really what its meant for.

Shouldn’t this logic\workflow be in your front end application. You are talking about a fairly standard OAuth authentication process.

Postman does have some monitoring and webhook integrations, but I can’t see how it will know if that URL has been hit.

If you do really want to abstract this logic\workflow because your app cannot handle it, then it should be an Enterprise Service Bus or similar technology. (MS Logic App\Flow for example). But this is just increasing the complexity when the authentication logic ought to be covered in your app.