Token Generation on AWS for Authorization of API

Ask the Experts and Postman Tips
1

Hi Team,

As of now we are generating token for authentication of API from Command Prompt(CMD) based on the AWS commands.
Since its manual and tedious task that’s why we are moving towards the automation.
Towards the end goal of automation, Dev team created the POST http method API but they tested with redirect_uri as https://www.google.com
Now question is how we can get the same response over the Postman? What gonna be value of redirect_uri value.

Step to reproduce:
Dev team Testing:

  1. Enter the url in any browser:
    https://cdp.amazoncognito.com/login?client_id=6mcf8kpvtjcjpa32i7q8t2ts1p&response_type=token&scope=email+openid+profile&redirect_uri=https://www.google.com

2.Enter the valid cred.

image
image868×495 19.1 KB

  1. Once you entered the correct cred., You will see the required response at url level only.

Testing through Postman;
Step to reproduce:

  1. Enter the url with Post method with Paramameters

Question:
1.What gonna be parameter based on the above dev url?
2.What gonna be type of authorization? Means in which section we will apply the username/password?
3. What gonna be redirect_uri value?

Let me know still needed more info, Since further data cant display here due to security concern.

2

I recommend looking into OAuth2 to understand how to get everything to run in Postman.

Below is a tutorial that can help you get started.

1 Like
3

I’ve also written this blog post on how to automate token renewal.

I would recommend watching that video that @vdespa provided though.

4

@allenheltondev @vdespa Thanks for the suggestion.
I just went through the above mentioned video and docs.

A bit complex process but trying to get into SO here is the process I followed for my requirement.

Here the basic details what QA team have:

Signin

https://cdp-api-dev.auth.us-west-2.amazoncognito.com/login
client_id=6mcf8kpvtjcjpa32i7q8t2ts1p
response_type=token
scope=email+openid+profile
redirect_uri=https://www.google.com

Tried with Grant Type as password cred and console error as followed:
Error: Could not complete OAuth 2.0 token request

image
image1907×963 103 KB

Tried with Gant Type as Authorization Code and error coming over the browser as below:
Note: I just added client secret as url cred but not sure what gonna be value.

image
image841×867 41.8 KB

Once we click on request token, It navigate to the browser level and throwing error as

image
image1914×619 25.1 KB

Really looking forward since very beginner for such processes.

5

The specific error you’re getting is stating the redirect uri is wrong.
image
From the details you provided above, I’d imagine you’d need to change the redirect to google.com instead of the postman callback.

Or the easier method might be to have a developer whitelist the postman callback url

1 Like