search

postmanlabs / postman-app-support

Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.
https://www.postman.com
5.83k stars 838 forks source link

Allow Collection to define multiple Authorization methods #10288

Open donrolling opened 3 years ago

donrolling commented 3 years ago

Is there an existing request for this feature?

Is your feature request related to a problem?

My application has several login scenarios with different headers and auth/token endpoints for each of the methods. I can currently only define one auth method per collection.

Describe the solution you'd like

The collection-level auth screen is pretty good, but it would be nice if I could define all of those Auth flows and then choose an active one for the current bit of testing that I'm doing.

This would help me because then each method would be documented and saved with little effort.

Describe alternatives you've considered

An alternative would be to duplicate the collection and redefine the auth flow in the duplicated collection. That is messy because any and all changes to the requests are split between two nearly identical collections.

Additional context

No response

eljefedelrodeodeljefe commented 1 year ago

We are also interested in this. Mainly also because it is also inconvenient for the user when we switch authentication methods.

dimitrios-michelakis commented 1 year ago

Yes please!

AnjanaPanju commented 1 year ago

@donrolling @dimitrios-michelakis @eljefedelrodeodeljefe

Thank you for reaching out to us. I'm Anjana Panju, a product designer at Postman. I'd like to learn more about your use cases and requirements for multiple authorizations methods in collections.

If you're open to sharing more or have other feedback, please feel free to schedule a conversation via Calendly or email me at anjana.panju@postman.com.

Thanks again! Anjana Panju

rythmic commented 1 year ago

Hey, I would also like to join this conversation.

We have this case where two different entities from different authentication pools (in our case oauth 2 user pools) They co-operate to perform scenarios. We can call the entities A and B

A creates a resource X B subscribes to X A changes X to new state B adds data to X now that the resource is in the new state

.... and so on

These actions are all REST based and needs to be performed in a sequence

It could actually also be useful to be able to have several A and B. Basically A1 and A2 from user pool A and B1 B2 from user pool B

donrolling commented 1 year ago

It has been awhile since I needed this feature. I think I wanted it because we had an api that had several possible ways to authenticate and I wanted to store each way into the collection configuration so that the whole team would have all of the options available to them when they needed to sign in.

On Thu, Sep 7, 2023, 4:17 AM AnjanaPanju @.***> wrote:

@donrolling https://github.com/donrolling @dimitrios-michelakis https://github.com/dimitrios-michelakis @eljefedelrodeodeljefe https://github.com/eljefedelrodeodeljefe

Thank you for reaching out to us. I'm Anjana Panju, a product designer at Postman. I'd like to learn more about your use cases and requirements for multiple authorizations methods in collections.

If you're open to sharing more or have other feedback, please feel free to schedule a conversation via Calendly http://url or email me at @.***

Thanks again! Anjana Panju

— Reply to this email directly, view it on GitHub https://github.com/postmanlabs/postman-app-support/issues/10288#issuecomment-1709791635, or unsubscribe https://github.com/notifications/unsubscribe-auth/AANSD52KIIIZFKC4MEJIX3TXZGGKPANCNFSM5DXRLXQQ . You are receiving this because you were mentioned.Message ID: @.***>

ckrebeca commented 6 months ago

Interested on this feature as well!

NileshMSD commented 3 months ago

Interested in this feature as well!

bjsafdie commented 2 months ago

Another upvote for this feature.

We have an API that is accessed from a mobile app via the OAuth Code Flow model using delegated user credentials. The API is also accessed from internal services and websites using the OAuth Client Credential model.

It would be nice if we could create two "Authentication Profiles" in the collection—one for the Code Flow auth and one for the Client Credentials auth—and easily switch between them.

ianis-c commented 2 days ago

I use Postman to chat with some Elasticsearch and Opensearch clusters. Some use basic auth, some other AWS Signature, ... I'd like to be able to use the same collection with the different auth configs being defined on the collection.