Using Postman to access OAuth 2.0 Google APIs

by

Postman will query Google API impersonating a Web Application

Generate an OAuth 2.0 token:

  1. Ensure that the Google APIs are enabled

  2. Create an OAuth 2.0 client ID

    • Go to Google Console -> API -> OAuth consent screen
      • Add getpostman.com to the Authorized domains. Click Save.
    • Go to Google Console -> API -> Credentials
      • Click ‘Create credentials’ -> OAuth client ID -> Web application
        • Name: ‘getpostman’
        • Authorized redirect URIs: https://www.getpostman.com/oauth2/callback
    • Copy the generated Client ID and Client secret fields for later use

  3. In Postman select Authorization tab and select “OAuth 2.0” type. Click ‘Get New Access Token’

    • Fill the GET NEW ACCESS TOKEN form as following
      • Token Name: ‘Google OAuth getpostman’
      • Grant Type: ‘Authorization Code’
      • Callback URL: https://www.getpostman.com/oauth2/callback
      • Auth URL: https://accounts.google.com/o/oauth2/auth
      • Access Token URL: https://accounts.google.com/o/oauth2/token
      • Client ID: Client ID generated in the step 2 (e.g., ‘123456789012-abracadabra1234546789blablabla12.apps.googleusercontent.com’)
      • Client Secret: Client secret generated in the step 2 (e.g., ‘ABRACADABRAus1ZMGHvq9R-L’)
      • Scope: see the Google docs for the required OAuth scope (e.g., https://www.googleapis.com/auth/cloud-platform)
      • State: Empty
      • Client Authentication: “Send as Basic Auth header”
    • Click ‘Request Token’ and ‘Use Token’
  4. Set the method, parameters, and body of your request according to the Google docs

More Related Contents:

  1. Sign in with Google temporarily disabled for this app
  2. Restrict Login Email with Google OAuth2.0 to Specific Domain Name
  3. Why do access tokens expire?
  4. OAuth2 and Google API: access token expiration time?
  5. Gmail API returns 403 error code and “Delegation denied for “
  6. Error: invalid_request device_id and device_name are required for private IP
  7. “This app would like to: Have offline access” when access_type=online
  8. Is it possible to be able to correctly select any available Google account to use when using authorisation via the JS client library for Drive?
  9. How to bypass entering authentication code to authorize my code everytime I use the YouTube Data API v3
  10. Can I really not ship open source with Client ID? [closed]
  11. CORS issue while making an Ajax request for oauth2 access token
  12. How can I revoke a JWT token?
  13. How to identify a Google OAuth2 user?
  14. Error: ‘The project id used to call the Google Play Developer API has not been linked in the Google Play Developer Console.’
  15. Getting a 403 – Forbidden for Google Service Account
  16. How to correctly use Google Plus Sign In with multiple activities?
  17. How Google API V 3.0 .Net library and Google OAuth2 Handling refresh token
  18. How to specify the scope of Google API to get the birthday
  19. Failed sending mail through google api with javascript
  20. Disable checkboxes on Google consent screen
  21. How to change Google consent screen email?
  22. Google Places AutoComplete on iOS – Can’t Load Search Results – Try Again
  23. How to programmatically remove a file from “share with me” in Google drive
  24. client secret in OAuth 2.0
  25. How to specify refresh tokens lifespan in Keycloak
  26. Google Analytics API: “User does not have sufficient permissions for this account.”
  27. Validate Google Id Token
  28. OAuth 2.0 with Google Analytics API v3
  29. gapi.auth.signOut(); not working I’m lost
  30. Google.GData.Client.GDataRequestException – Authentication suddenly fails in old code

Leave a Comment