Authorizing requests in Postman for Sitecore Experience Commerce 9

Sitecore Commerce 4 comments
Reading Time: 3 minutes

I was trying to upgrade Sitecore Experience Commerce (SXC) 9 Initial Release to Sitecore Experience Commerce (SXC) 9 Update 1. One of the steps is to do bootstrap in Postman.

When I tried it, I was getting this exception:

Status Code: 401; Unauthorized

postmanbootstrapsxc

In order to run some of the commands in Postman, request need to be authorized.

Requests that need authorization are dependent on global variable “SitecoreIdToken” and you can see this in Headers tab of requests where {{SitecoreIdToken}} is used for Value field.

postmanbootstrapsxc

Open Postman and create new Global variable with name “SitecoreIdToken” first. To do so, open Environment settings (button below Sign In on the right side of the screen). Go to “Globals” and add new key “SitecoreIdToken” with key “SitecoreIdToken”:

bootstrappingpostman

Switch to “Collections” pane and open “Authentication” collection. Expand “Sitecore” section and click “GetToken”. Switch to “Tests” tab in the command and click on blue “Send” button to get authorization token and save it as global variable “SitecoreIdToken”.

bootstrappingpostman2

Now go back to “Globals” and check value of newly created Global variable “SitecoreIdToken”. It should be changed and have “Bearer ” + access_token value as a Value:

bootstrappingpostman3

Now all requests that need authorization will be authorized 🙂

Token will be invalidated after some time so if you see again exception ‘Status Code: 401; Unauthorized’, just follow above instructions and you are good 😉

Possible other issues that I have encountered and fixed

If you are encountering other issues, you probably need to do one of these settings:

  1. “AntiForgeryEnabled” setting in config.json needs to be set to “false” for Authoring site. You can locate this file under {path_to_your_commerce_authoring}/wwwroot/ e.g. C:\inetpub\wwwroot\CommerceAuthoring_sc9u2\wwwroot.AntiforgeryTokenEnabledSitecoreCommerce
  2. In Postman, you need to disable “SSL certificate verification” in Settings sxcupgrade18

To get further information about Postman and how to use it with Sitecore Experience Commerce, take a look on my blog post about how to set it up and use.

Wishing you all requests to successfully pass through Postman 🙂

4 comments

  1. Pingback: Adding Postman collections for Sitecore Experience Commerce (SXC) 9 – chorpo -> to the core
  2. Pingback: Upgrading Sitecore Experience Commerce (SXC) 9.0 Initial Release to Update 1 – chorpo -> to the core
  3. Pingback: Sitecore Commerce 9 100: Overview and 200: Essentials Trainings – Developer view – chorpo -> to the core
  4. Pingback: Setting up development environment with Postman and Sitecore Experience Commerce (SXC) 9 – straight to the core

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.