从 postman 访问 keycloak API
Access the keycloak API from postman
我试图从邮递员那里访问密钥斗篷API。但它显示 400 个错误请求。
我正在按以下格式调用 api。
http://{hostname}:8080/auth/realms/master/protocol/openid-connect/token?username=admin&password=admin&client_id=admin-cli&grant_type=password
在headers中我设置了content_type as application/x-www-form-urlencoded
我收到如下回复。
{
"error": "invalid_request",
"error_description": "Missing form parameter: grant_type"
}
任何人都可以帮助 me.Any 帮助将不胜感激。提前致谢
您使用的URL是获取token
令牌请求应该是一个POST调用,你post的请求是一个GET请求。下面是关于如何请求 access_token
的 CURL 示例
curl -X POST \
http://{hostname}:8080/auth/realms/{realm}/protocol/openid-connect/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'username=admin&password=admin&grant_type=password&client_id=admin-cli'
这个问题有点晚了,但你确实问了 postman 而不是 curl。
所以你必须把选项放在 x-www-form-urlencoded
您通过POST客户端调用API
URL - http://localhost:8080/auth/realms/Demo/protocol/openid-connect/token
所以在上面 url 我使用 Demo 作为我的领域而不是 master。
ContentType - “内容类型”:“application/x-www-form-urlencoded”
参数:
{
"client_secret" : "90ec9638-7647-4e65-ad20-b82df3341084",
"username" : "ankur",
"password" : "123456",
"grant_type" : "password",
"client_id": "app-client"
}
设置页眉如下
数据需要传递如下图
您还可以使用 CURL 获取信息
curl -L -X POST 'http://<serveraddress>/auth/realms/<realmname>/protocol/openid-connect/token' -H 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=<clientid>' --data-urlencode 'grant_type=password' --data-urlencode 'client_secret=<clientsecret>' --data-urlencode 'scope=openid' --data-urlencode 'username=<username>' --data-urlencode 'password=<password>'
我是否创建了一个 Postman 集合来帮助我们开始使用 keycloak API。任何人都可以保存关注 json,并在 Postman 上导入:
{
"info": {
"_postman_id": "07a9d691-5b1c-4869-990b-551da29590fe",
"name": "Keycloak",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET REALM",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "{{KEYCLOAK_URL}}admin/realms/{{KEYCLOAK_REALM}}",
"host": [
"{{KEYCLOAK_URL}}admin"
],
"path": [
"realms",
"{{KEYCLOAK_REALM}}"
]
}
},
"response": []
},
{
"name": "GET USERS",
"event": [
{
"listen": "prerequest",
"script": {
"id": "dfda403a-35b8-4704-840d-102eddac32e6",
"exec": [
""
],
"type": "text/javascript"
}
}
],
"protocolProfileBehavior": {
"disableBodyPruning": true
},
"request": {
"method": "GET",
"header": [],
"body": {
"mode": "urlencoded",
"urlencoded": []
},
"url": {
"raw": "{{KEYCLOAK_URL}}admin/realms/{{KEYCLOAK_REALM}}/users",
"host": [
"{{KEYCLOAK_URL}}admin"
],
"path": [
"realms",
"{{KEYCLOAK_REALM}}",
"users"
]
}
},
"response": []
}
],
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{KEYCLOAK_TOKEN}}",
"type": "string"
}
]
},
"event": [
{
"listen": "prerequest",
"script": {
"id": "c3ae5df7-b1e0-4af1-988b-c592df3fd98e",
"type": "text/javascript",
"exec": [
"const echoPostRequest = {",
" url: pm.environment.get('KEYCLOAK_URL') + 'realms/master/protocol/openid-connect/token',",
" method: 'POST',",
" header: 'Content-Type:application/x-www-form-urlencoded',",
" body: {",
" mode: 'urlencoded',",
" urlencoded: [",
" {key:'username', value:pm.environment.get('KEYCLOAK_USER')}, ",
" {key:'password', value:pm.environment.get('KEYCLOAK_PASSWORD')}, ",
" {key:'client_id', value:'admin-cli'}, ",
" {key:'grant_type', value:'password'}",
" ]",
" }",
"};",
"",
"var getToken = true;",
"",
"if (!pm.environment.get('KEYCLOAK_TOKEN_EXPIRY') || ",
" !pm.environment.get('KEYCLOAK_TOKEN')) {",
" console.log('Token or expiry date are missing')",
"} else if (pm.environment.get('KEYCLOAK_TOKEN_EXPIRY') <= (new Date()).getTime()) {",
" console.log('Token is expired')",
"} else {",
" getToken = false;",
" console.log('Token and expiry date are all good');",
"}",
"",
"if (getToken === true) {",
" pm.sendRequest(echoPostRequest, function (err, res) {",
" console.log(err ? err : res.json());",
" if (err === null) {",
" console.log('Saving the token and expiry date')",
" var responseJson = res.json();",
" pm.environment.set('KEYCLOAK_TOKEN', responseJson.access_token)",
" ",
" var expiryDate = new Date();",
" expiryDate.setSeconds(expiryDate.getSeconds() + responseJson.expires_in);",
" pm.environment.set('KEYCLOAK_TOKEN_EXPIRY', expiryDate.getTime());",
" }",
" });",
"}"
]
}
},
{
"listen": "test",
"script": {
"id": "fdb69bb4-14a5-43b4-97e2-af866643e390",
"type": "text/javascript",
"exec": [
""
]
}
}
],
"variable": [
{
"id": "698bbb41-d3f9-47f8-9848-4a1c32f9cca4",
"key": "token",
"value": ""
}
],
"protocolProfileBehavior": {}}
我创建了一个预脚本来获取令牌并根据请求进行设置,如下图所示:
您应该创建以下环境变量:
KEYCLOAK_USER、KEYCLOAK_PASSWORD 和 KEYCLOAK_URL,其中 url 必须是 https://{your keycloak installation}/auth/
我试图从邮递员那里访问密钥斗篷API。但它显示 400 个错误请求。
我正在按以下格式调用 api。
http://{hostname}:8080/auth/realms/master/protocol/openid-connect/token?username=admin&password=admin&client_id=admin-cli&grant_type=password
在headers中我设置了content_type as application/x-www-form-urlencoded
我收到如下回复。
{
"error": "invalid_request",
"error_description": "Missing form parameter: grant_type"
}
任何人都可以帮助 me.Any 帮助将不胜感激。提前致谢
您使用的URL是获取token
令牌请求应该是一个POST调用,你post的请求是一个GET请求。下面是关于如何请求 access_token
curl -X POST \
http://{hostname}:8080/auth/realms/{realm}/protocol/openid-connect/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'username=admin&password=admin&grant_type=password&client_id=admin-cli'
这个问题有点晚了,但你确实问了 postman 而不是 curl。
所以你必须把选项放在 x-www-form-urlencoded
您通过POST客户端调用API
URL - http://localhost:8080/auth/realms/Demo/protocol/openid-connect/token
所以在上面 url 我使用 Demo 作为我的领域而不是 master。
ContentType - “内容类型”:“application/x-www-form-urlencoded”
参数:
{
"client_secret" : "90ec9638-7647-4e65-ad20-b82df3341084",
"username" : "ankur",
"password" : "123456",
"grant_type" : "password",
"client_id": "app-client"
}
设置页眉如下
数据需要传递如下图
您还可以使用 CURL 获取信息
curl -L -X POST 'http://<serveraddress>/auth/realms/<realmname>/protocol/openid-connect/token' -H 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=<clientid>' --data-urlencode 'grant_type=password' --data-urlencode 'client_secret=<clientsecret>' --data-urlencode 'scope=openid' --data-urlencode 'username=<username>' --data-urlencode 'password=<password>'
我是否创建了一个 Postman 集合来帮助我们开始使用 keycloak API。任何人都可以保存关注 json,并在 Postman 上导入:
{
"info": {
"_postman_id": "07a9d691-5b1c-4869-990b-551da29590fe",
"name": "Keycloak",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET REALM",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "{{KEYCLOAK_URL}}admin/realms/{{KEYCLOAK_REALM}}",
"host": [
"{{KEYCLOAK_URL}}admin"
],
"path": [
"realms",
"{{KEYCLOAK_REALM}}"
]
}
},
"response": []
},
{
"name": "GET USERS",
"event": [
{
"listen": "prerequest",
"script": {
"id": "dfda403a-35b8-4704-840d-102eddac32e6",
"exec": [
""
],
"type": "text/javascript"
}
}
],
"protocolProfileBehavior": {
"disableBodyPruning": true
},
"request": {
"method": "GET",
"header": [],
"body": {
"mode": "urlencoded",
"urlencoded": []
},
"url": {
"raw": "{{KEYCLOAK_URL}}admin/realms/{{KEYCLOAK_REALM}}/users",
"host": [
"{{KEYCLOAK_URL}}admin"
],
"path": [
"realms",
"{{KEYCLOAK_REALM}}",
"users"
]
}
},
"response": []
}
],
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{KEYCLOAK_TOKEN}}",
"type": "string"
}
]
},
"event": [
{
"listen": "prerequest",
"script": {
"id": "c3ae5df7-b1e0-4af1-988b-c592df3fd98e",
"type": "text/javascript",
"exec": [
"const echoPostRequest = {",
" url: pm.environment.get('KEYCLOAK_URL') + 'realms/master/protocol/openid-connect/token',",
" method: 'POST',",
" header: 'Content-Type:application/x-www-form-urlencoded',",
" body: {",
" mode: 'urlencoded',",
" urlencoded: [",
" {key:'username', value:pm.environment.get('KEYCLOAK_USER')}, ",
" {key:'password', value:pm.environment.get('KEYCLOAK_PASSWORD')}, ",
" {key:'client_id', value:'admin-cli'}, ",
" {key:'grant_type', value:'password'}",
" ]",
" }",
"};",
"",
"var getToken = true;",
"",
"if (!pm.environment.get('KEYCLOAK_TOKEN_EXPIRY') || ",
" !pm.environment.get('KEYCLOAK_TOKEN')) {",
" console.log('Token or expiry date are missing')",
"} else if (pm.environment.get('KEYCLOAK_TOKEN_EXPIRY') <= (new Date()).getTime()) {",
" console.log('Token is expired')",
"} else {",
" getToken = false;",
" console.log('Token and expiry date are all good');",
"}",
"",
"if (getToken === true) {",
" pm.sendRequest(echoPostRequest, function (err, res) {",
" console.log(err ? err : res.json());",
" if (err === null) {",
" console.log('Saving the token and expiry date')",
" var responseJson = res.json();",
" pm.environment.set('KEYCLOAK_TOKEN', responseJson.access_token)",
" ",
" var expiryDate = new Date();",
" expiryDate.setSeconds(expiryDate.getSeconds() + responseJson.expires_in);",
" pm.environment.set('KEYCLOAK_TOKEN_EXPIRY', expiryDate.getTime());",
" }",
" });",
"}"
]
}
},
{
"listen": "test",
"script": {
"id": "fdb69bb4-14a5-43b4-97e2-af866643e390",
"type": "text/javascript",
"exec": [
""
]
}
}
],
"variable": [
{
"id": "698bbb41-d3f9-47f8-9848-4a1c32f9cca4",
"key": "token",
"value": ""
}
],
"protocolProfileBehavior": {}}
我创建了一个预脚本来获取令牌并根据请求进行设置,如下图所示:
您应该创建以下环境变量: KEYCLOAK_USER、KEYCLOAK_PASSWORD 和 KEYCLOAK_URL,其中 url 必须是 https://{your keycloak installation}/auth/