This configuration is for private environments as it supports modern OAuth2/OIDC standards, service accounts, MFA, and audit logging. For Saas/Cloud Tenants continue with CAS until a self-hosted version is supported. See: Intro to REST APIs.
OAuth 2.0
In order to authenticate as an API client with Provider Connectivity Assurance, users can use OAuth 2.0. In this guide, we will explain how to configure Postman to use OAuth 2.0 authentication.
Requirements
- Have Postman installed on your PC
- Have a valid Organization Owner account for your instance of Provider Connectivity Assurance. For example, the default admin user for the deployment.
Step 1: Create a Request in Postman
-
Enter your request URL in Postman.
In this example, we will perform a call to retrieve connector configs:GET /api/v2/connector-configs
. -
Enter the tenant domain as appropriate for your Provider Connectivity Assurance deployment.
Note: Sending the request will result in a 401 response from Provider Connectivity Assurance.
Step 2: Select OAuth 2.0
- From the Authorization tab for the request, set the
Type
to OAuth 2.0.
Step 3: Obtain Client ID from the Identity and Access Management Service
-
Log in to your deployment's identity and access management service at: https://auth.{{domain-name}} if your deployment is configured with a domain name or https://{{ip}}:3443 if it is not.
-
Navigate to the tenant organization.
Note: In this example the organization is namedpca
.
-
From the Projects tab, select the Analytics project.
-
Choose the AnalyticsUI User Agent Application.
-
From the top-right corner of the screen, copy the Client Id.
Step 4: Enter the Required Configuration
- Enter the following values for the Oauth 2.0 configuration:
Note: In this example, the domain name configured for the deployment is npi.npav.accedian.net
and the tenant is pca
.
Field | Value |
---|---|
Token Name | My Token |
Grant Type | Authorization Code (With PKCE) |
Callback URL | https://pca.npi.npav.accedian.net/login |
Auth URL | https://auth.npi.npav.accedian.net:443/oauth/v2/authorize |
Access Token URL | https://auth.npi.npav.accedian.net:443/oauth/v2/token |
Client ID | {Copied Client ID from Step 3} |
Client Secret | empty |
Code Challenge Method | SHA-256 |
Code Verifier | empty |
Scope | openid email profile |
State | empty |
Client Authentication | Send as Basic Auth header |
Step 5: Obtain an Access Token
-
Click the Get New Access Token button.
A window will appear asking you to log in. -
Log in using your API user's credentials.
-
Click the use Token button.
Step 6: Send the Request
- Send the request.
You will now be authenticated.
© 2025 Cisco and/or its affiliates. All rights reserved.
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks