If you just hit the endpoints you'll get errors indicating that you're unauthenticated, right? Well, you can browse the app normally just enough to get the token in the URL line of the browser and then hand that token in to API calls as a header with Postman. That is the workaround for this. Even if you redirect after getting the token in the app, from any one "page" that's not superficial you should be able to look at the API calls in the Network tab of Google Chrome Developer Tools and drill into one of the API calls to get at the token.
No comments:
Post a Comment