Postman
In this section we can use Postman to publish an API as a provider and use it as an invoker.
Requisites
- We will need to have Node.js installed since we will use a small script to create the CSRs of the certificates.
- An instance of CAPIF (If it is not local, certain variables would have to be modified both in the Node.js script and in the Postman environment variables).
First steps
- Install the Node dependencies package.json to run the script with:
npm i
- Run the script.js with the following command:
node script.js
- Import Postman collection and environment variables (CAPIF.postman_collection.json and CAPIF.postman_environment.json)
- Select CAPIF Environment before start testing.
Remote CAPIF
If the CAPIF is not local, the host and port of both the CAPIF and the register would have to be specified in the variables, and the CAPIF_HOSTNAME in the script, necessary to obtain the server certificate.
Enviroments in Postman
CAPIF_HOSTNAME capifcore
CAPIF_PORT 8080
REGISTER_HOSTNAME register
REGISTER_PORT 8084
Const in script.js
CAPIF_HOSTNAME capifcore
CAPIF Flows
Once the first steps have been taken, we can now use Postman requests. These requests are numbered in the order that must be followed to obtain everything necessary from CAPIF.
Creation of User by Admin
The first step would be for an administrator to create a user with which a provider and an invoker will be created. To do this, the admin must log in to obtain the token needed in admin requests.
01-Login_admin
02-Creation of User
Publication of an API
The next step is to register a provider using the user created by the administrator in order to publish an API.
03-getauth_provider
04-onboard_provider
At this point we move on to using certificate authentication in CAPIF. In Postman it is necessary to add the certificates manually and using more than one certificate for the same host as we do in CAPIF complicates things. For this reason, we use the script to overwrite a certificate and a key when it is necessary to have a specific one.
To configure go to settings in Postman and open the certificates section.
- Here, activate the CA certificates option and add the ca_cert.pem file found in the Responses folder.
- Adds a client certificate specifying the CAPIF host being used and the files client_cert.crt and client_key.key in the Responses folder.
Once this is done, the node script will be in charge of changing the certificate that is necessary in each request.
05-publish_api
Once the api is published, we can start it. In this case we have a test one created in python called hello_api.py that can be executed with the following command:
python3 hello_api.py
The API publication interface is set to localhost with port 8088, so the service must be set up locally. If you wanted to build it on another site, you would have to change the interface description in the body of publish_api.
With this the provider part would be finished.
Calling the API
Finally, we will create an invoker with the user given by the administrator to be able to use the published api.
06-getauth_invoker
07-onboard_invoker
At this point we move on to using certificate authentication in CAPIF. If you did not configure the provider's certificates, you would have to do it now.
08-discover
09-security_context
10-get_token
11-call_service
With this, we would have made the API call and finished the flow.
Other requests
Other requests that we have added are the following:
- offboard_provider Performs offboarding of the provider, thereby eliminating the published APIs.
- offboard_invoker Offboards the invoker, also eliminating access to the APIs of that invoker.
- remove_user Delete the user.
- refresh_admin_token Return a new access token to the admin.
Notes
- This process is designed to teach how requests are made in Postman and the flow that should be followed to publish and use an API.
- It is possible that if external CAPIFs are used (Public CAPIF) the test data may already be used or the API already registered.
- It is necessary to have the Node service running to make the certificate change for the requests, otherwise it will not work.
- We are working on adding more requests to the Postman collection.
- This collection is a testing guide and is recommended for testing purposes only.