Testing Oauth2 authorization with SoapUI
We assume that you already have Soap UI installed. If not, open source installation package could be found on https://www.soapui.org/downloads/soapui/.
Run SOAP UI, if you alredy have a project, that you would like to update with authorization profile - go to it. Otherwise go to File ---> New REST Project. As an example we will create Managment Api call poject. Specify URI to request as follows:
<Managment Gate URL>
where <Managment Gate URL> is the value in your configuration *.json.
Find Auth tab in the left bottom corner of the screen, then choose "Add New Authorization..." .
Choose "OAuth2.0" authorization type, profile name is up to you:
Now go to "Get token":
Choose "Authorization Code Grant". The rest fields must be filled as follows:
- "Client identification" and "Client Secret" are the Login/Password of the IBM i user, defined as a i2Rest Server client in configuration *.json.
- Assuming that you didn't change default settings in configuration *.json, "Authorization URI" and "Access Token URI" should look like <main gate url>/<value described
in OAuth2 object defenition>.
- "Redireсt URI" is a value, defined in Clients object in configuration *.json.
- "Scopes" - the scope requred. The scope for management API call specified as an example.
Then click on "Get token".
You will be prompted for a Login and a password. Login/Password of the IBM i user, defined in Users object must be entered.
Now it's time to decide either access to a displayed client with displayed scope will be granted or denied. We beleive you click on "Allow" button...
Highlighted with green "Access Token" field shows us the symbols which are the token we obtained from the i2Rest Server. Now we are authorized to make requests to protected resources on it!
