This token will also appear in the Auth tab of the request, where you can either refetch a new token or clear the existing one. The value of the header Bearer contains the token that Insomnia extracted during the login process. If you take a look at the Timeline tab, you will see the Authorization header that was sent with the request. Make use of Insomnia's response filtering by entering a JSONPath query such as $.owner.login below the response body More About OAuth 2.0Įven though Insomnia handles most of the complexities of OAuth for you, there are a few notable things that may come in handy. If all went well you should see a successful 201 Created response with information about your newly created repository. The request will then be sent using the newly acquired token. You will be prompted to sign in with your GitHub credentials and authorize the OAuth application to act on your behalf.Īfter logging in, the token will be extracted from the resulting URL and stored in Insomnia. You can delete the respository from the GitHub website later.Īs soon as you send the request, Insomnia will detect that a token has not yet been obtained and start the authentication process. Submitting the following request will create a new repository on your GitHub account. If you made use of environment variables, it should look something like this.Ĭongratulations! The request is now ready to be sent. After doing that, fill out the values you collected earlier. Select the Auth tab of your "Create Repository" request and change the authentication type to "OAuth 2". You don't even need to understand how it works – although I still recommend you learn. Insomnia deals with the complex task of obtaining and managing OAuth tokens so you don't have to. However, obtaining an OAuth token manually is not easy and requires multiple, complicated steps. This is because the POST /user/repos endpoint requires an OAuth token to be sent with the request. If you sent the request now, before setting up authentication, you would receive a 401 Unauthorized response.
You should end up with a request that looks like this. For my setup, I have created a sub environment called "Test Application" and included the following JSON value: ' This following step is optional, but I recommend specifying the application-specific values as Environment Variables so they can easily be reused or modified.
As a convenience, Insomnia will autocomplete these while you type them and I will also include them here: Authorization URL and Access Token URL: These are static values, listed on the GitHub API Docs.The Callback URL is often optional but we're going to specify it anyway in the name of completeness. Client ID, Client Secret, and Callback URL: These are specific to the GitHub OAuth application and can be found on its details page.
Note that you don't need to know what a grant type is to follow along. The GitHub API uses the OAuth Authorization Code grant type, which requires five things from you. If you don't already have a GitHub OAuth application registered for your account, you can create a one from Developer Settings Note, "Callback URL" can be whatever you want for this tutorial. This post walks through an example using OAuth 2.0 to authenticate and create a repository on GitHub using the GitHub API. OAuth 2.0 has been a supported authentication scheme in Insomnia for some time now but – if you are new to OAuth – can still be quite complicated. GitHub API Authentication using OAuth 2.0
0 kommentar(er)
