如何使用带有 Oauth 的 magento REST api 的 POSTMAN REST 客户端.如何获取 Token 和 Token Secret? [英] How to use POSTMAN rest client with magento REST api with Oauth. How to get Token and Token Secret?

问题描述

I am a beginner to magento REST API, how i will get token and token secret to be fill in Postman REST resquest. I have only consumer key and consumer secret. Please provide me the steps to follow.

解决方案

First, you want to request a valid OAuth token and secret. Do this by hitting the /oauth/initiate URL of your Magento store with a GET parameter for oauth_callback. We're going to use httpbin so that we can echo anything that is passed to our callback. Make sure you have "Auto add parameters" checked on the OAuth 1.0 settings for Postman.

That will give you an oauth_token and oauth_token_secret, which are only temporary. These are referred to as a "request token" and secret. Save these values somewhere because you will need them later.

Now, assemble a new regular HTTP request to the /admin/oauth_authorize URL of your Magento store. This will return a login form where you can accept the oauth token and authorize your app, however since we're using Postman we aren't able to interact with the form.

Instead, view the source and pull out the form_key hidden input value. Then assemble a new HTTP request to fake the submission of the authorization form. Make sure it is a POST request. Your new HTTP request should look like this.

Now, you need to actually confirm the authorization. Simply issue a GET to the /admin/oauth_authorize/confirm URL of your Magento store with the oauth_token as your parameter. When you send this request it will redirect to your oauth_callback from the first step. Now, you can see why we used httpbin as our callback in the first step.

OK. So, we're almost home. The last piece of the puzzle is to use the oauth_token, oauth_secret, and oauth_verifier all together to get a valid and persistent "access token". So, take the oauth_token_secret from the first step, and combine and assemble a new OAuth request like so.

You should get a returned token and secret. These will never expire! You can use them to query products and stuff.

Now, you can assemble your OAuth requests like this. Edit: Note, you must check the "Add params to header" checkbox in order for Magento REST calls to work properly.

这篇关于如何使用带有 Oauth 的 magento REST api 的 POSTMAN REST 客户端.如何获取 Token 和 Token Secret?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！