How to Obtain and Use OAuth Access Data

Help Topics
If you would like to communicate with a web application (e.g. REST API) that requires you to obtain and use access token from some authentication provider, you can fully automate this workflow with HttpMaster. Here is a sample procedure that you need to follow to successfully obtain access token and use it where applicable:
  • Open project properties from the main application menu or toolbar and switch to Authentication tab.
  • Tick option to obtain OAuth access data.
  • Specify necessary data:
    • Authorization URL; this is URL where you will authenticate with authentication provider. This data is provided by authentication provider and can contain optional query string with necessary parameters, like scope.
    • Client id; this data is provided by authentication provider when new application is registered.
    • Client secret; this data is provided by authentication provider when new application is registered.
    • Redirect URL; must exactly match redirect URL that you have provided to authentication provider during application registration. This is the address where users will be redirected after successful authentication.
    • URL to exchange authorization code for tokens; this is URL where authorization code will be automatically exchanged for tokens. This data is provided by authentication provider.
  • Tick option to prompt for authorization data if not yet obtained.
  • Click OK button to apply project properties.
  • Create new request item and specify its properties (URL, request headers, post body). Include global variable for access token (hm-access-token) where applicable, for example, if you need to include access token in URL as access_token query string parameter, specify the following URL (assuming example.com is your domain):
    http://www.example.org?access_token={hm-access-token}
    Note that access token global variable must be enclosed in curly braces.
  • Execute request item; you should be prompted to obtain OAuth access data. Click corresponding button to start a procedure for obtaining data.
  • Specify your credentials and give permission to the registered application.
  • Obtained authorization code and tokens should now be displayed at the bottom of the window. Click OK button to store them in memory while the project is open.
  • Execution engine will automatically replace all occurrences of access token global variable in request item definition and execute it.
Important
For more information on using OAuth data, see the corresponding topic.

Copyright © by Borvid. All rights reserved.