Reputation: 39250
Postman could not get any response making authorized call with a JWT
I've set up a simple API in .NET Core protecting it using JWT orchestrated by Identity Server 4. When I access an endpoint attributed [Authorize], I get the response as expected (401 Unauthorized). Commented out, it returns the actual data, just as suppsed to.
Now, when added the header with key Authorization and value Bearer XXX, where XXX is my obtained token, I get an immediate error message saying that
Could not get any response
followed by four suggestions on what to do. I turned off the SSL cert and the proxy isn't needed as everything's run locally in a basic setup. The timeout isn't relevant (set to 0 and the error occurs immediately).
It leaves me with the abstract option of *backend not working properly. I haven't done anything special, simply following the guide provided at IS's site. My impression, supprted by the immediateness of the error is that I've done something less bright in Postman. ALso, the console of the IS says nothing about errors, which furthermore strenghtens my suspition of the issue being with unrelated to it.
I tried to set different authorizations on the tab below URL. Same result for each call. I checked the hosts file and it looks like this
127.0.0.1 localhost
I've made sure there's no line break at the end of the pasted-in token as suggested by this article. I've tried setting key Content-type to application/json et.al. like suggested here. I've checked that I don't have colliding environmental variables like shown here. Etc. - basically any info, article and hint I've found.
At this stage, I'm out of ideas on how to troubleshoot the issue and I'm dry on new keywords to google for.
What might be the cause, what can be done about it and, at least, where can I get more inspiration on how to proceed?
Upvotes: 0
Views: 1901
Answers (2)
Reputation: 906
I ran into this issue recently and fixed it by doing request Authorization in the Authorization tab instead of the Headers tab.
Click the Authorization tab, change the type to Bearer, and paste in your token.
If possible, you might also want to automate the capturing of your access token as an environment variable; this prevent copy/paste issues and allows you to easily refresh your token after it expires.
To do this, you would need to create and save a Postman request that retrieves the access token, then use the "Tests" tab from that request to parse the response and set the access token as a variable.
Here's some example test code that may need modification depending on your specific endpoint:
var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("accessToken", jsonData.accessToken);
After making the request to login, the {{accessToken}} environment variable should be populated, and you can use {{accessToken}} as your Authorization value instead of the raw token string.
Upvotes: 1
Reputation: 30046
For narrowing down this issue, check whether the token is validate and whether the token is copied correctly, compare the token sent from request and the original token.
Upvotes: 1
Related Questions
- ASP.NET core JWT authentication always throwing 401 unauthorized
- how to solve 401 unauthorized error in postman when calling a .Net API
- Do I have the correct token after Postman gets 401 Unauthorized with .Net Core Identity after supplying invalid token?
- how to test jwt authentication using Postman
- No response after adding JWT authentication with Postman?
- Resolve Authentication problem JWT Bearer for .NET Core API
- My jwt bearer token returns error="invalid_token", error_description="The token expired" with postman
- Postman returns 401 despite the valid token distributed for a secure endpoint
- Postman returning with 401 unothorized when valid token is passed while working with asp.net core 3.0
- How to properly obtain the token using C# from Identity Server 4 to use in Postman?