PKCE Login Collection and Environment

The PKCE Login collection and environment referenced in this document can be downloaded here

Setting up the Environment

After importing the collection and environment linked above, you’ll need to supply the following information. Set each corresponding “current value” with:

  • The Spend endpoint URL

  • The IDS endpoint URL

  • a username: The username for the spend user that needs the bearer token generated.

  • the user’s password        

  • Tenant Name: the “Name” of the tenant to be used.

  • your engage portal subscription key

The variables that start with the “g_” prefix are generated by the requests in the collection, and should be left blank. To view javascript used to automatically store the variables, look in the “Tests” tab in each postman request.

PKCE Login Environment variables

To find your subscription key:

  1. Log into https://develop.spendmanagement.com/.

  2. In the top right menu, click “Profile”.

  3. When viewing your profile, click the “Show” link to the right of the primary key.

  4. The now visible key is your subscription key. Copy and paste that into the “subscriptionKey” current value.

  5. Be sure to click “Save” in the Postman environment to allow the collection to read your values.

Finding your subscription key.

Running the Requests

Once the variables are all set, the requests need to be run in sequential order. Be sure that the PKCE Login Environment is selected before running the requests.

Additional details on each request can be found here: *Link to PKCE login process article*

1. POST User/Login

The User/Login request.

This request will send the username and password to IDS site, and return two tokens, which are stored as Environment variables:

  • Authorization token - stored as the environment variable g_authToken

  • Access token - stored as the environment variable g_accessToken

If the specified user only has access to 1 tenant, an access token is will be by this request, and steps 2 and 3 can be skipped. However, steps 2 and 3 will not cause any problems if they are run. If the AccessToken returned is “null”, steps 2 and 3 must be run.

2. GET User/Tenants

The User/Tenants request.

This request will send the g_authToken to the IDS site, and will return a list of tenants available to the user specified in the environment variables. The “Test” will parse the array returned and find the “FxTenantID” for the tenant name specified in the environment variables. The FxTenantId will be stored in the environment variables as g_fxTenantId.

3. GET User/accessToken?fxTenantID={FxTenantId}

The User/accessToken request.

This request will pass the g_fxTenantId to the IDS site, and will return:

  • Authorization token - stored as the environment variable g_authToken

  • Access token - stored as the environment variable g_accessToken

4. GET user/register

The user/register request.

This request will pass the g_accessToken to the Spend site, and will return the bearer token needed to access the Spend endpoints. This bearer token will be stored as an environment variable called g_bearerToken.

Running the Collection as a Batch

The entire collection can be run as a batch to simplify the process. All necessary variables must be set, and all generated variables will be created during the run.

To run the collection as a batch:

  1. Click the “Collections” tab

  2. Click on the PKCE Login collection to view the collection properties

The Collection tab, PKCE Login collection clicked.

3. In the top of the collection properties tab, there is a “Run” button visible. Click it.

The run button. It’s over there -->

4. Ensure the run order is correct.

5. Ensure “Keep variable values” is checked.

Running the collection.

6. Click “Run PKCE Login”

The aftermath.

7. Ensure that all requests returned a 200 status, and that all generated variables are set in the environment.