Chilkat Online Tools

Foxpro / ForgeRock Identity Cloud Collection / Step 6: Get Access Token as Postman Admin User

Back to Collection Items

LOCAL loHttp
LOCAL lnSuccess
LOCAL loReq
LOCAL loJsonParam2
LOCAL loJsonParam3
LOCAL loJsonParam5
LOCAL loJsonParam6
LOCAL loResp
LOCAL loSbResponseBody
LOCAL loJResp
LOCAL lnRespStatusCode
LOCAL lcAccess_token
LOCAL lcRefresh_token
LOCAL lcScope
LOCAL lcToken_type
LOCAL lnExpires_in

* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http')
loHttp = CreateObject('Chilkat.Http')

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.HttpRequest')
loReq = CreateObject('Chilkat.HttpRequest')
loReq.AddParam("grant_type","password")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam2 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("username",loJsonParam2.Emit())

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam3 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("password",loJsonParam3.Emit())
loReq.AddParam("scope","fr:idm:*")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam5 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("client_id",loJsonParam5.Emit())

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam6 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("client_secret",loJsonParam6.Emit())

loResp = loHttp.PostUrlEncoded("https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/access_token?auth_chain=PasswordGrant",loReq)
IF (loHttp.LastMethodSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loJsonParam2
    RELEASE loJsonParam3
    RELEASE loJsonParam5
    RELEASE loJsonParam6
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbResponseBody = CreateObject('Chilkat.StringBuilder')
loResp.GetBodySb(loSbResponseBody)

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJResp = CreateObject('Chilkat.JsonObject')
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = 0

? "Response Body:"
? loJResp.Emit()

lnRespStatusCode = loResp.StatusCode
? "Response Status Code = " + STR(lnRespStatusCode)
IF (lnRespStatusCode >= 400) THEN
    ? "Response Header:"
    ? loResp.Header
    ? "Failed."
    RELEASE loResp
    RELEASE loHttp
    RELEASE loReq
    RELEASE loJsonParam2
    RELEASE loJsonParam3
    RELEASE loJsonParam5
    RELEASE loJsonParam6
    RELEASE loSbResponseBody
    RELEASE loJResp
    CANCEL
ENDIF

RELEASE loResp

* Sample JSON response:
* (Sample code for parsing the JSON response is shown below)

* {
*   "access_token": "eyJ0eXAiJ9.eyJzdWIiOiJkZPXXcM",
*   "refresh_token": "eyJ0eXAiOiJKV1QiLC.eyl0VHJXpdhFiWDw",
*   "scope": "write",
*   "token_type": "Bearer",
*   "expires_in": 3599
* }

* Sample code for parsing the JSON response...
* Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

lcAccess_token = loJResp.StringOf("access_token")
lcRefresh_token = loJResp.StringOf("refresh_token")
lcScope = loJResp.StringOf("scope")
lcToken_type = loJResp.StringOf("token_type")
lnExpires_in = loJResp.IntOf("expires_in")

RELEASE loHttp
RELEASE loReq
RELEASE loJsonParam2
RELEASE loJsonParam3
RELEASE loJsonParam5
RELEASE loJsonParam6
RELEASE loSbResponseBody
RELEASE loJResp

Curl Command

curl -X POST
	--data-urlencode 'grant_type=password'
	--data-urlencode 'username={{postmanAdminUsername}}'
	--data-urlencode 'password={{postmanAdminPassword}}'
	--data-urlencode 'scope=fr:idm:*'
	--data-urlencode 'client_id={{postmanAdminClientId}}'
	--data-urlencode 'client_secret={{postmanClientSecret}}'
https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/access_token?auth_chain=PasswordGrant

Postman Collection Item JSON

{
  "name": "Step 6: Get Access Token as Postman Admin User",
  "event": [
    {
      "listen": "test",
      "script": {
        "exec": [
          "var jsonData = JSON.parse(responseBody);",
          "",
          "if(jsonData.access_token && jsonData.access_token != \"\")",
          "{",
          "    pm.globals.set(\"adminAccessToken\", jsonData.access_token);",
          "}",
          "",
          "if(jsonData.refresh_token && jsonData.refresh_token != \"\")",
          "{",
          "    pm.globals.set(\"adminRefreshToken\", jsonData.refresh_token);",
          "}",
          "",
          "// Tests",
          "",
          "pm.test(\"Status code is 200\", () => {",
          "  pm.expect(pm.response.code).to.eql(200);",
          "});",
          "",
          "pm.test(\"Response contains access_token\", function () {",
          "    pm.expect(jsonData.access_token).to.be.a(\"string\");",
          "});",
          ""
        ],
        "type": "text/javascript"
      }
    }
  ],
  "request": {
    "method": "POST",
    "header": [
    ],
    "body": {
      "mode": "urlencoded",
      "urlencoded": [
        {
          "key": "grant_type",
          "value": "password",
          "description": "The grant type required for the Resource Owner Password Credentials Grant.",
          "type": "text"
        },
        {
          "key": "username",
          "value": "{{postmanAdminUsername}}",
          "description": "Username for a ForgeRock demo user.",
          "type": "text"
        },
        {
          "key": "password",
          "value": "{{postmanAdminPassword}}",
          "description": "Password for a ForgeRock demo user.",
          "type": "text"
        },
        {
          "key": "scope",
          "value": "fr:idm:*",
          "description": "Strings that are presented to the user for approval and included in tokens so that the protected resource may make decisions about what to give access to.",
          "type": "text"
        },
        {
          "key": "client_id",
          "value": "{{postmanAdminClientId}}",
          "description": "The ID of the Confidential OAuth Client.",
          "type": "text"
        },
        {
          "key": "client_secret",
          "value": "{{postmanClientSecret}}",
          "description": "The secret of the Confidential OAuth Client. See the ForgeRock documentation for stronger methods of client authentication.",
          "type": "text"
        }
      ]
    },
    "url": {
      "raw": "{{amUrl}}/oauth2{{realm}}/access_token?auth_chain=PasswordGrant",
      "host": [
        "{{amUrl}}"
      ],
      "path": [
        "oauth2{{realm}}",
        "access_token"
      ],
      "query": [
        {
          "key": "auth_chain",
          "value": "PasswordGrant"
        }
      ]
    },
    "description": "Obtain an access token as the Postman Administrative User. Create this user in the `/alpha` realm, and ensure it has the `openidm-admin` authorization role."
  },
  "response": [
    {
      "name": "Example",
      "originalRequest": {
        "method": "POST",
        "header": [
        ],
        "body": {
          "mode": "urlencoded",
          "urlencoded": [
            {
              "key": "grant_type",
              "value": "password",
              "description": "The grant type required for the Resource Owner Password Credentials Grant.",
              "type": "text"
            },
            {
              "key": "username",
              "value": "{{postmanDemoUsername}}",
              "description": "Username for a ForgeRock demo user.",
              "type": "text"
            },
            {
              "key": "password",
              "value": "{{postmanDemoPassword}}",
              "description": "Password for a ForgeRock demo user.",
              "type": "text"
            },
            {
              "key": "scope",
              "value": "write",
              "description": "Strings that are presented to the user for approval and included in tokens so that the protected resource may make decisions about what to give access to.",
              "type": "text"
            },
            {
              "key": "client_id",
              "value": "{{postmanConfidentialClientId}}",
              "description": "The ID of the Confidential OAuth Client.",
              "type": "text"
            },
            {
              "key": "client_secret",
              "value": "{{postmanClientSecret}}",
              "description": "The secret of the Confidential OAuth Client. See the ForgeRock documentation for stronger methods of client authentication.",
              "type": "text"
            }
          ]
        },
        "url": {
          "raw": "{{amUrl}}/oauth2{{realm}}/access_token",
          "host": [
            "{{amUrl}}"
          ],
          "path": [
            "oauth2{{realm}}",
            "access_token"
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "X-Frame-Options",
          "value": "SAMEORIGIN"
        },
        {
          "key": "X-Content-Type-Options",
          "value": "nosniff"
        },
        {
          "key": "Cache-Control",
          "value": "no-store"
        },
        {
          "key": "Pragma",
          "value": "no-cache"
        },
        {
          "key": "Content-Type",
          "value": "application/json;charset=UTF-8"
        },
        {
          "key": "Content-Length",
          "value": "1570"
        },
        {
          "key": "Date",
          "value": "Thu, 13 Aug 2020 12:16:52 GMT"
        }
      ],
      "cookie": [
      ],
      "body": "{\n    \"access_token\": \"eyJ0eXAiJ9.eyJzdWIiOiJkZPXXcM\",\n    \"refresh_token\": \"eyJ0eXAiOiJKV1QiLC.eyl0VHJXpdhFiWDw\",\n    \"scope\": \"write\",\n    \"token_type\": \"Bearer\",\n    \"expires_in\": 3599\n}"
    }
  ]
}