App-only token

Use this approach if you want an access token to have app-only context. In this case, EmbedFAST will use an app-only token for authentication and retrieve user identification from the ‘embedfast-user-id’ header parameter to use for authorization (access control and validation).

Note:

The EmbedFAST Admin API does not support this approach.
The EmbedFAST User (Client) API can use this approach if you need to integrate with any available authentication providers.

Log into Postman.
Go to the Workspaces tab > My Workspace.
Click on the + icon next to the Overview tab to create a new request.

This will take you to a new request page.

Click on the Authorization tab below the entry field.

From the drop-down menu next to Type, select OAuth 2.0.

Add parameters under the Configure New Token section as detailed in the table below:

Parameters

Inputs

Token Name

Create and enter a token name

Grant Type

Select Client Credentials

Access Token URL

https://login.microsoftonline.com/<Your-Tenant-ID>/oauth2/v2.0/ token

Client ID

Enter the client ID of the EmbedFAST API's app registration

Client Secret

Enter the client secret of the EmbedFAST API's app registration

Scope

api://<Client-ID>/.default

Client Authentication

Send as basic Auth header

Reminder: Ensure that the callback URL is added as a redirect URI in the app registration for the EmbedFAST API, as detailed in previous sections.

Click on Get New Access Token after entering the parameters detailed above.

A dialog box will appear which confirms the completion of the authentication.

You can copy the access token from the page shown below.

PreviousApp + user token NextLaunch the web app

Last updated 4 months ago