Examples of Authorisation and use of the Actionstep API in the staging environment using Postman

This guide is to help you connect to the Actionstep system to ensure you have access.

It assumes the user has never used Postman or connected to the Actionstep API before.

It will be presented as a step-by-step guide, indicating the request and response payloads for both successful and unsuccessful operations.

First, it is assumed the developer is using a PC running Windows 10 and they have downloaded and installed the latest Google Chrome web browser.

1. Download and install the latest “Postman for Windows” (32 or 64bit) from

https://www.getpostman.com/downloads/

Open

2. After Postman is installed it will automatically open and display its quick access screen i.e.

Open

3. Select the “Request” shortcut.

4. When the “New Request” screen is displayed, select the “Authorization” tab.

5. When the Authorization tab is displayed, select “OAuth 2.0” from the TYPE dropdown.

6. The authorization screen will now display the OAuth 2.0 options i.e.

7. Select the “Get New Access Token” button.

8. The “GET NEW ACCESS TOKEN” form will be displayed.

Enter the following information into the form then select the “Request Token” button:
                Token Name                      Give the access token a name or leave it as "Token Name"

                Grant Type                          Select "Authorization Code" from the dropdown

                Callback URL                      https://www.getpostman.com/oauth2/callback

                Auth URL                             https://go.actionstepstaging.com/api/oauth/authorize

                Access Token URL            https://api.actionstepstaging.com/api/oauth/token

                Client ID                               enter your ClientID here

                Client Secret                      enter your Client Secret here

                Scope                                    all

                Client Authentication     Select "Send client credentials in body" from the dropdown

9. The Actionstep API Authorization form will be displayed

10. Enter the email and password you use when logging onto Actionstep then select the “Log In” button i.e.

11. After your credentials have been confirmed you may be asked to select the DB that you want to connect to using the API. This will only happen in the event that you are able to connect to more than one Actionstep DB. If the following form is displayed then ….
Select the DB from the dropdown then select the “Grant Access” button.

12.   The “MANAGE ACCESS TOKENS” form will be displayed

13.   Scroll to the bottom of the form and select the “Use Token” button.

14.   The “New Request” screen will be displayed again with the Access Token field populated.

15.   Now that we are authorized and have an access token we are ready to create our first request.
We enter the URL of the endpoint to GET the Actions from the Actionstep API then select the “Send” button i.e.

https://ap-southeast-2.actionstepstaging.com/api/rest/actions

16.   The Request is sent and the Response is displayed at the bottom of the screen. Scroll down to see the Response i.e.

17.   Scrolling the contents will let you see more of the JSON returned with the Action details. i.e.

18.   In the event you have mistyped the URL or you request information from a non-existent endpoint you may see the following error message:

If your access token has expired you will receive the following error message:

if you try to connect with incorrect ClientID or Client Secret you will receive the following error message:

{"error":"invalid_client","error_description":"The client_id specified in invalid","error_uri":"http:\/\/tools.ietf.org\/html\/rfc6749#section-4.1.1"}