Examples of Authorisation and use of the Actionstep API in the staging environment using Postman
This guide is to help you connect to the Actionstep system to ensure you have access.
It assumes the user has never used Postman or connected to the Actionstep API before.
It will be presented as a step-by-step guide, indicating the request and response payloads for both successful and unsuccessful operations.
First, it is assumed the developer is using a PC running Windows 10 and they have downloaded and installed the latest Google Chrome web browser.
Download and install the latest “Postman for Windows” (32 or 64bit) from
https://www.getpostman.com/downloads/
2. After Postman is installed it will automatically open and display its quick access screen i.e.
3. Select the “Request” shortcut.
4. When the “New Request” screen is displayed, select the “Authorization” tab.
5. When the Authorization tab is displayed, select “OAuth 2.0” from the TYPE dropdown.
6. The authorization screen will now display the OAuth 2.0 options i.e.
7. Select the “Get New Access Token” button.
8. The “GET NEW ACCESS TOKEN” form will be displayed.
Enter the following information into the form then select the “Request Token” button:
Token Name Give the access token a name or leave it as "Token Name"
Grant Type Select "Authorization Code" from the dropdown
Callback URL https://www.getpostman.com/oauth2/callback
Auth URL https://go.actionstepstaging.com/api/oauth/authorize
Access Token URL https://api.actionstepstaging.com/api/oauth/token
Client ID enter your ClientID here
Client Secret enter your Client Secret here
Scope all
Client Authentication Select "Send client credentials in body" from the dropdown
9. The Actionstep API Authorization form will be displayed
10. Enter the email and password you use when logging onto Actionstep then select the “Log In” button i.e.
11. After your credentials have been confirmed you may be asked to select the DB that you want to connect to using the API. This will only happen in the event that you are able to connect to more than one Actionstep DB. If the following form is displayed then ….
Select the DB from the dropdown then select the “Grant Access” button.
12. The “MANAGE ACCESS TOKENS” form will be displayed
13. Scroll to the bottom of the form and select the “Use Token” button.
14. The “New Request” screen will be displayed again with the Access Token field populated.
15. Now that we are authorized and have an access token we are ready to create our first request.
We enter the URL of the endpoint to GET the Actions from the Actionstep API then select the “Send” button i.e.
https://ap-southeast-2.actionstepstaging.com/api/rest/actions
16. The Request is sent and the Response is displayed at the bottom of the screen. Scroll down to see the Response i.e.
17. Scrolling the contents will let you see more of the JSON returned with the Action details. i.e.
18. In the event you have mistyped the URL or you request information from a non-existent endpoint you may see the following error message:
If your access token has expired you will receive the following error message:
if you try to connect with incorrect ClientID or Client Secret you will receive the following error message:
{"error":"invalid_client","error_description":"The client_id specified in invalid","error_uri":"http:\/\/tools.ietf.org\/html\/rfc6749#section-4.1.1"}