Has anyone used the authorization APIs via PowerShell to prompt the user to login via a web browser to get the access token (JWT)? Use case is running a PowerShell script for various tenants that would prompt the user to login to obtain the JWT vs. having it stored in a backend configuration file.
I took the IDN advanced class a long time ago and would swear there was a section in that training that talked about configuring Postman to do a web browser login WITHOUT a clientid/secret pair being needed but unfortunately I don’t have the documentation any longer.
Are you referring to using a session token? If that is the case, IDN admin users can login and go through their secondary/step-up authentication, they can then navigate to https://{tenantURL}/ui/session (optionally include “?refresh=true”) to get a new token that is displayed in the web browser, and that access token can then be used in the API header for OAuth 2.0 Bearer Authentication.
I’ve used the method described, but thinking a bit broader. If IDN is a web app making API calls to get this token, in theory another application should be able to make the same calls to get a similar token that could then be used to make independent API calls.
The challenge is I’m not sure if the specific sequence of API calls is defined along with all the respective parameters. Using the browser development tools the API calls can be seen and ideally we’d like to replicate these to support login via the web browser vs using a PAT.