GuidesAPI DocsLatest NewsStatusCreate Support RequestReturn to zoey.com
Guides

Connecting to the Zoey API with Postman

How to connect to the Zoey API and authenticate calls with OAuth2.0 through Postman.

Suggest Edits

Here's a step by step guide to get connected to the Zoey API through Postman!

Click here for our API Documentation and a more in-depth setup guide.

OAuth 2.0 Client Setup

Go to Settings > APIs and click Manage on the Zoey REST API - oAuth 2.

🚧

Deprecated APIs include SOAP and OAuth 1.0

If your program is using an outdated API or authentication method, please upgrade to OAuth 2.0!

Add New OAuth 2.0 Client

Click Add New in the top right to get started.

  • Give your new OAuth 2.0 client a Name.
  • Set Enabled to Yes!
  • Skip down to Allowed Grant Types and select Authorization Code and Refresh Token .
  • Set With PKCE to Authorization Code with out PKCE
    • Advance OAuth 2.0 users may decide to use PKCE.
  • In Allowed Redirect URLs enter the following: https://oauth.pstmn.io/v1/callback

Hit Save and then proceed to setting up OAuth 2.0 in Postman.

Authorize Postman API calls with OAuth2.0

In Postman (or another API platform) we'll need to make sure our calls get authenticated via token so that they are accepted by Zoey API.

  1. In your Zoey collection go to Authorization.

  2. For Auth Type select OAuth 2.0.

  3. Add auth data to must be Request Headers.

  4. Skip to Configure New Token and provide a Token Name.

  5. Set the Grant type to Authorization Code.

  6. Authorize using browser should be checked.

  7. Copy the Auth URL from your Zoey Client and paste it into the same field in Postman.

  8. Copy the Token URL from your Zoey Client and paste it into the "Access Token URL" field in Postman.

  9. Copy your Client ID from Zoey and paste it into Postman.

  10. Copy the Client Secret from Zoey and paste it into Postman.

  11. Leave Client Authentication set to "Send as Basic Auth Header".

  12. No need to configure Advanced options for this setup.

  13. Click Get New Access Token at the bottom. Postman will use the details provided to get the users temporary auth token.

    1. Your browser will open to a new page which asks if you would like to authenticate the call for an access token.

      🚧

      The admin user you're logged into will determine the permissions and actions available to this API client.


  14. Hit Authorize and the browser will attempt to open a pop-up.

    🚧

    Pop-ups must be allowed for the redirect to get back to Postman. Allow pop-ups and refresh.

    Then allow browser to open link to Postman.

    1. Postman will open to the Manage Access Tokens page.
      Simply click Use Token and you will be fully authenticated!

📘

Be sure to click Save in Postman to confirm the changes to the Authorization.

You must also be sure that each call is inheriting the global authorization setting.

👍

After following the steps above, Postman will be authenticated to send API calls to Zoey!

Check out the API Documentation here for more information on interacting with the Zoey API.

Allowed Grant Types

Allowed Grant Types are the types of authorizations which will be allowed for the Client.

  • User Based Authentication

Authorization Code will require a valid token for each call.

Refresh Token allows revalidation of token automatically.

  • Client (Program) Interaction Authentication

Client Credentials and API KEY are less secure grants which don't use an expirable token.

Updated 5 days ago