Question
T-Systems
DE
Last activity: 9 Nov 2022 6:58 EST
Reuse Token bearer in Rest API
Hello,
I have two rest apis, one is being used for login that generates the access token code and other api uses the same access token code to post the data.
I am trying to use the same access token code in the second rest api to post the data. How do we do this?
I tried creating a new authentication profile using OAAuth 2.0 Provider (Custom) and Grant Type (JWT Bearer) but it didn't work.
In postman, it works as the access token code is already saved.
Authorization: Bearer Token ( is getting used in Postman)
Any idea, how do we fix it?
***Edited by Moderator Marije to add Capability tags***
-
Like (0)
-
Share this page Facebook Twitter LinkedIn Email Copying... Copied!
Accepted Solution
Updated: 10 Jun 2022 6:58 EDT
UnitedHealth Group Incorporated
IN
@ManishS96 This seems you have custom token generation. As discussed then instead of auth profile, data page can be used to store and generate the auth token.
T-Systems
DE
UnitedHealth Group Incorporated
IN
@ManishS96 What is the grant type you have for generating token on Postman? Is it JWT Bearer? We have used of type client credentials and we were able to re-use the same authentication profile for multiple connect RESTs. We can use the same authentication profile for multiple APIs if they also use the same authentication.
T-Systems
DE
We have grant type on Postman as "Token Bearer" and I have created the the authentication profile on Pega as "JWT bearer". Will JWT work in my case or I need to use something else?
Please confirm.
UnitedHealth Group Incorporated
IN
@ManishS96 You mean prefix Bearer on the Postman Authorization header? I see only below options for grant type on OAuth2.0 Authorization: If so then you just create an authentication profile, with Grant type as Client credentials and pass client secret and id. Please let us know if you need further help.
T-Systems
DE
You mean prefix Bearer on the Postman Authorization header - Yes, that's correct. (attached in the screenshot)
Will grant type "Client credentials" work?
Accepted Solution
Updated: 10 Jun 2022 6:58 EDT
UnitedHealth Group Incorporated
IN
@ManishS96 This seems you have custom token generation. As discussed then instead of auth profile, data page can be used to store and generate the auth token.
-
JOEL BOYER
T-Systems
DE
Yeah, we are using data page to map the access token code value in the second api request header as a parameter that is defined in the acitivity.
-
Manjunatha Chakresha Rao
Infosys Limited
IN
Were you able to pass the token as part of the Authorization in Header?
We are trying to do the same, but encounter the 401 response code
Accenture
AU
@ManishS96 A bearer token is nothing more than a HTTP header named "Authorization" with the value "Bearer: xyz" where xyz is your token string. Postman should auto construct this for you. Look at the headers section in Postman after you enter the bearer token value in the Authentication screen.
-
Manjunatha Chakresha Rao