Now we can test the previous service with Postman.
Postman
Postman is a GUI Tool for testing HTTP APIs. It is much popular today that almost all Developers have it installed it in their machine.
You can download latest version of Postman from here.
https://www.getpostman.com/tools
Steps
Following are the steps to use Postman.
Get the Token
Create a new GET REQUEST as shown below.
Enter the following Values.
· Auth URL use the URL https://login.microsoftonline.com/Your-AAD-Tenant-Name-OR-Guid/oauth2/token and replace the highlighted area
· Client ID You can get this from Azure > App Service > Properties
· Client Secret You can get this from Client Credentials blad
· Grant Type Hardcode as client_credentials
· Resource You can get this from Service > Expose an API blade
Call the Service
Now call the service & If everything went fine you will see the response as below.
Now follow these steps:
· Create a new GET request
· Add the highlighted headers below
· Set the Token copied from previous step with the Bearer prefix on it
· Click the SEND button in Postman
On successful execution, you will get the results as shown above.
Summary
In this post you have seen how to call an AAD protected API Service with Postman. In real world scenarios we can combine the Token generation & attaching to Service request as a single step.
References