Postman

In this section we can use Postman to publish an API as a provider and use it as an invoker.

Requisites

• We will need to have Node.js installed since we will use a small script to create the CSRs of the certificates.
• An instance of CAPIF (If it is not local, certain variables would have to be modified both in the Node.js script and in the Postman environment variables).

First steps

1. Install the Node dependencies package.json to run the script with:

npm i

1. Run the script.js with the following command:

node script.js

1. Import Postman collection and environment variables (CAPIF.postman_collection.json and CAPIF.postman_environment.json)
2. Select CAPIF Environment before start testing.

Remote CAPIF

If the CAPIF is not local, the host and port of both the CAPIF and the register would have to be specified in the variables, and the CAPIF_HOSTNAME in the script, necessary to obtain the server certificate.

Enviroments in Postman

CAPIF_HOSTNAME     capifcore
CAPIF_PORT         8080
REGISTER_HOSTNAME  register
REGISTER_PORT      8084

Const in script.js

CAPIF_HOSTNAME    capifcore

CAPIF Flows

Once the first steps have been taken, we can now use Postman requests. These requests are numbered in the order that must be followed to obtain everything necessary from CAPIF.

Creation of User by Admin

The first step would be for an administrator to create a user with which a provider and an invoker will be created. To do this, the admin must log in to obtain the token needed in admin requests.

01-Login_admin

02-Creation of User

Publication of an API

The next step is to register a provider using the user created by the administrator in order to publish an API.

03-getauth_provider

04-onboard_provider

At this point we move on to using certificate authentication in CAPIF. In Postman it is necessary to add the certificates manually and using more than one certificate for the same host as we do in CAPIF complicates things. For this reason, we use the script to overwrite a certificate and a key when it is necessary to have a specific one.

To configure go to settings in Postman and open the certificates section.

• Here, activate the CA certificates option and add the ca_cert.pem file found in the Responses folder.
• Adds a client certificate specifying the CAPIF host being used and the files client_cert.crt and client_key.key in the Responses folder.

Once this is done, the node script will be in charge of changing the certificate that is necessary in each request.

05-publish_api

Once the api is published, we can start it. In this case we have a test one created in python called hello_api.py that can be executed with the following command:

python3 hello_api.py

The API publication interface is set to localhost with port 8088, so the service must be set up locally. If you wanted to build it on another site, you would have to change the interface description in the body of publish_api.

With this the provider part would be finished.

Calling the API

Finally, we will create an invoker with the user given by the administrator to be able to use the published api.

06-getauth_invoker

07-onboard_invoker

At this point we move on to using certificate authentication in CAPIF. If you did not configure the provider's certificates, you would have to do it now.

08-discover

09-security_context

10-get_token

11-call_service

With this, we would have made the API call and finished the flow.

Other requests

Other requests that we have added are the following:

• offboard_provider Performs offboarding of the provider, thereby eliminating the published APIs.
• offboard_invoker Offboards the invoker, also eliminating access to the APIs of that invoker.
• remove_user Delete the user.
• refresh_admin_token Return a new access token to the admin.

Notes

• This process is designed to teach how requests are made in Postman and the flow that should be followed to publish and use an API.
• It is possible that if external CAPIFs are used (Public CAPIF) the test data may already be used or the API already registered.
• It is necessary to have the Node service running to make the certificate change for the requests, otherwise it will not work.
• We are working on adding more requests to the Postman collection.
• This collection is a testing guide and is recommended for testing purposes only.