How to create an Access Token using Postman

Search
Adobe Sign

Adobe Sign

Open app

Objective

Authorize the use of the Adobe Acrobat Sign REST API using Postman and the OAuth2 protocol.

Prerequisites

  • Administrator access to an Acrobat Sign enterprise tier account.
    • Group and Account level administrators are equally viable.   
  • Familiarize yourself with the guide for using OAuth to access Acrobat Sign APIs.
  • Download and install the Postman application.
  • Know which Acrobat Sign shard your account uses as the base URLs.
    • The shard is the parameter in the URL just before adobesign.com. e.g. na1 is the shard in this URL: api.na1.adobesign.com/api/rest/v6/baseUris

Example request:

GET https://api.na1.adobesign.com/api/rest/v6/baseUris

Example response:

{
    "apiAccessPoint": "https://api.na1.adobesign.com/",
    "webAccessPoint": "https://secure.na1.adobesign.com/"
}

 

Process

The below process uses a group-level administrator view to create a basic OAuth2 access token. Your application is likely to have different scopes using your own Redirect/Callback URL.

  1. Log in to Acrobat Sign as an administrator.

  2. Navigate to Acrobat Sign API > API Applications.

  3. Select the plus icon to open the Create dialogue window.

    Navigate to the API Applications subment and select Create

  4. Provide the Create dialogue with the required information and select Save.

    • Name -The Name value that is displayed in the application list.
    • Display Name - The name value displayed during the OAuth authentication process.
    • Domain - The scope of authority that the application can be entitled to:
      • CUSTOMER - The application only has access to data within the account.
      • PARTNER - The application has access to any authorized Acrobat Sign account.
    Configure the Name and Domain of the application

  5. Single-click the application in the listing to select it. The available actions for the application are exposed at the top of the list.

    Select Configure OAuth for Application to open the Configure OAuth panel.

    Select Configure OAuth for Application

  6. The Configure OAuth panel opens with the required information and select Save when done.

    • Redirect URI (Callback URL) - The URL that your application is redirected to after successful authorization.
    • Enabled Scopes - Enable each Scope and define the Modifier for the requesting API calls you intend to use.
    Configure the Configure OAuth panel

  7. Single-click the application in the listing to select it.  

    Select View/Edit to open the View/Edit panel.

  8. Copy and save the Application ID and an ACTIVE status Client Secret.

    If there are no ACTIVE client secrets, create one by selecting the plus icon .

    Select View/Edit

  9. Open the Postman application and navigate to Start with something new > Create New > HTTP Request.

    Open POSTMAN and create a new HTTP Request

  10. Configure the new token:

    In the top input field, insert the API endpoint

    • Endpoint: Enter an Acrobat Sign REST endpoint.
      • Select the method (GET, PUT, POST)
      • Enter the desired endpoint. e.g., https://api.na1.adobesign.com:443/rest/v6/agreements

    On the Authorization tab, Configuration Options section, configure:

    • Type: OAuth 2.0
    • Token Name: Provide an intuitive name for the token (stored in Postman).
    • Grant Type: Select Authorization Code.
    • Callback URL: This is the same value as the Redirect URI defined in step 6.
      • If you don't have a callback URL, you can use the default helper URL: https://oauth.pstmn.io/v1/browser-callback.
    • Auth URL: Acrobat Sign's entry point for OAuth2 authentication. e.g., https://secure.na1.adobesign.com/public/oauth/v2.
    • Access Token URL: A URL used to exchange a token authorization code. e.g., https://secure.na1.adobesign.com/public/oauth/v2/token.
    • Client ID: Enter the Application ID from step 8.
    • Client Secret: Enter the Client Secret from step 8.
    • Scope: Enter one or more Scopes (space delimited). e.g.: agreement_read:self agreement_write:self
    • State: Enter a personalized string of any nature. Used to prevent cross-site request forgery requests.
    • Client Authentication: Select Send as Basic Auth header
    Configure the new token

  11. Select the Get New Access Token button to trigger the authentication process to Acrobat Sign.

  12. Authenticate to Acrobat Sign with your administrator credentials and select Allow Access when prompted to do so.

    Authenticate to Acrobat Sign and allow the OAuth connection

  13. When the Authentication complete message is received, select the Proceed button. This opens the Manage Access Tokens panel.

    Postman token generation complete

  14. Select Use Token on the Manage Access Tokens panel to start using the new token.

    • The Access Token is the Bearer token used to issue requests through Postman (or any other web client).
      • REST API calls to Acrobat Sign can be executed by adding the token as an Authorization header in the request. e.g.: Authorization: Bearer 3AAABLblqZhCtVr4yFFr
       Authorization: Bearer 3AAABLblqZhCtVr4yFFr...
    • The refresh_token can be used to refresh the Bearer token when it expires.

    Example refresh request:

        POST https://secure.na1.adobesign.com:443/oauth/v2/refresh
    "Content-Type", "application/x-www-form-urlencoded"
    Request body should contain the following parameters:
    "grant_type": refresh_token
    "client_id": <<Adobe Sign Application ID, step (05)>>
    "client_secret": <<Adobe Sign Application Secret, step (05)>>
    "refresh_token": <<Take refresh token from Postman, 'Manage Access Tokens' dialog.

    Example refresh token response:

    {  
    "access_token": "3AAABLblqZhDBytK",
    "token_type": "Bearer",
    "expires_in": 3600
)

Get help faster and easier

New user?

Quick links

View all your plans Manage your plans
View quick links
Hide quick links

Legal Notices    |    Online Privacy Policy