Access Management 7.2.2

ForgeRock grant flows collection

ForgeRock provides an OAuth 2.0 and OpenID Connect Postman collection to try out the flows that AM supports. The REST calls, and the prerequisites to run the collection, are provided as a downloadable JSON file collection.

  1. Download and install Postman.

  2. Download the ForgeRock OAuth 2.0 and OpenID Connect Collection.

  3. Import the collection in Postman:

    • Go to File > Import …​ > Upload Files.

    • Select the collection you downloaded, and click Open. Then, click Import.

  4. Configure the collection’s variables to suit your environment:

    • In Postman, on the Collections tab, select the ForgeRock OAuth 2.0 and OpenID Connect Collection. Click the …​ button, then click Edit.

    • On the Variables tab, change the values of at least the following variables:

      • URL_base

      • admin_password

    • Click Update to save your changes.

      You are ready to start running the collection.

The collection is divided into the following folders:

  • Prerequisites, containing REST calls to configure AM as an authorization server, and to create the clients and users required to run the collection.

  • OAuth 2.0 Flows, containing the flows explained in OAuth 2.0 grant flows.

  • OpenID Connect Flows, containing the flows explained in OpenID Connect grant flows.

    The Backchannel (CIBA) grant is not included, since it requires push notifications and an additional device to work.

  • Refresh Token Flow, containing calls explained in Refresh tokens and /oauth2/token/revoke.

  • Token Exchange Flows, containing the token exchange flows explained in Token exchange flows.

Copyright © 2010-2024 ForgeRock, all rights reserved.