Get Access Token From Keycloak Using Postman
In this article, see how to get an access token from Keycloak using Postman.
By
·
·
Tutorial
Likes
(4)
Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!
Comment
Save
61.7K Views
Join the DZone community and get the full member experience.
Join For FreeThis post will help you to automate getting an access token from Keycloak and added into request param before each API request hits the server. Keycloak is an open-source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services. Read here to know more about Keycloak.
To Get Access Token Using Postman (For Testing)
Create New Collection in Postman
- Click the new collection button in postman
- Select the variable tab and add the below variables
- client_id: <Copy the client id from your realm setting in KC>
- client_secret: <Make sure you copy the right secrets for the client>
- scope: type ‘openid’
- token_endpoint: <http://KEYCLOAK-SERVER_URL/auth/realms/REPLACE_WITH_YOUR_REALM_NAME/protocol/openid-connect/token>
- access_token: <Leave it blank, this will be populated by pre-request script>
![article image]()
- Go to the authorization tab
- Select Type = Bearer Token
- Token = {{access_token}}
![]()
- Now go to the pre-request scripts tab and paste the following code
JavaScript
xxxxxxxxxx
1
33
1
var client_id = pm.collectionVariables.get("client_id");
2
var client_secret = pm.collectionVariables.get("client_secret");
3
var token_endpoint = pm.collectionVariables.get("token_endpoint");
4
var scope = pm.collectionVariables.get("scope");
5
6
var details = {
7
"grant_type" : "client_credentials",
8
"scope" : scope
9
}
10
11
var formBody = [];
12
for (var property in details) {
13
var encodedKey = encodeURIComponent(property);
14
var encodedValue = encodeURIComponent(details[property]);
15
formBody.push(encodedKey + "=" + encodedValue);
16
}
17
formBody = formBody.join("&");
18
19
pm.sendRequest({
20
url: token_endpoint,
21
method: 'POST',
22
header: {
23
'Content-Type': 'application/x-www-form-urlencoded',
24
'Authorization' :'Basic ' + btoa(client_id+":"+client_secret)
25
},
26
body: formBody
27
}, function(err, response) {
28
const jsonResponse = response.json();
29
console.log(jsonResponse);
30
pm.collectionVariables.set("access_token", jsonResponse.access_token);
31
console.log(pm.collectionVariables.get("access_token"));
32
33
});
- This code will get a new token from Keycloak and extract the access_token from the response
and set into a collection variable {{access_token})
Now, save your collections, below is the sample screenshot
Create a New Request
- Create a new request
- Select the Authorization tab
- Select Type = Inherit auth from parent
- Add your headers, request body if any
- Make sure you save the request under the collection that you created above
- Now try running the script.
Key Points
This script will be executed before each request in this collection and attach the access_token to the request.
Keycloak
Requests
Opinions expressed by DZone contributors are their own.
Comments