all Technical posts

Authenticate Postman against Azure Service Management API

Postman is a great and popular tool to test Web API's. There are however a few steps needed to get it authenticated against Microsoft's standard API's, such as the Azure Service Management API. This blog post covers two ways on how to authenticate Postman quick and easily.

In case you try to access the Azure Service Management API, without any specific authorization, you’ll get the following exception: ‘Authentication failed.  The ‘Authorization’ header is missing’.
Postman 01

There are two main ways to authenticate with Azure: using your own Microsoft account or using a Service Principal. Let’s have a closer look!

Authenticate with Microsoft account

Use ARMClient

  • Download ARMClient over here.
  • Open Command Prompt or PowerShell.
  • Run the following command: ARMClient.exe login
  • Provide your credentials.
    Postman 02
  • Copy the token to the clipboard, via this command:
  • In Postman, add an Authorization header to your HTTP request. As a value, provide ‘Bearer’, followed by a space and then the token from the clipboard. Send your request and it should work fine!Postman 03

Use Fiddler

  • Download Fiddler over here.
  • Ensure you configure Fiddler to Decrypt HTTPS traffic.
    Postman 04
  • Perform a request in the Azure portal and find it back in Fiddler.
    Postman 05
  • Copy the bearer token from the HTTP security header.
    Postman 06
  • In Postman, add an Authorization header to your HTTP request. As a value, provide the copied bearer token, including the ‘Bearer’. Send your request and you should get access!Postman 03

 

Authenticate with Service Principal

Setup a Service Principal

Create an Active Directory application (Service Principal) that represents your Postman instance.

  • Open the Active Directory blade.
    Schedule 01
  • Go to the Properties tab.
    Schedule 02
  • Select the Directory ID, you will need it later as the Tenant ID.
    Schedule - 03 (1)
  • Go to the App Registrations tab.
    Schedule 04
  • Click Add.
    Schedule 05
  • Provide a meaningful name, select Web app / API as the application type and provide just a dummy, but valid URL. Click Create.
    Postman 07
  • Copy the Application ID, you will need it later as the Client ID.
    Postman 08
  • Go to the Keys tab
    Schedule 08
  • Provide a Description and choose the Expiration Setting. Click Save.
    Schedule 09
  • Copy the Value, you will need it later as the Client Secret.

Permissions can be configured at any level: subscription, resource group or resource. They get inherited be default to the lower level, so having specific rights on a resources group applies also to all resources underneath. Just navigate to the desired blade, which is in our case the Logic App itself.

  • Go to the Access Control (IAM) tab.

 Schedule 10

  • Give a specific access role to the service principal you just created.

Postman 09

Use ARMClient

  • Download ARMClient over here.
  • Open Command Prompt or PowerShell.
  • Run the following command, <placeholders> must be replaced by the values collected above: 
  • Copy the token to the clipboard, via this command: 
  • In Postman, add an Authorization header to your HTTP request. As a value, provide ‘Bearer’, followed by a space and then the token from the clipboard. Send your request and you should be good to go!
    Postman 03

Conclusion

It’s quite simple to authenticate Postman against the Azure API’s. You can include these authorization headers as presets, but keep in mind that bearer tokens have an expiration time.

Hope this was interesting! Let me know if you have easier ways to authenticate Postman against Azure API’s!
Toon

 

Subscribe to our RSS feed