Skip to main content

required-oauth2-access-token-url

Overview

This rule belongs to the postman-validation ruleset and states that:

If the authentication type is oauth2 and grant_type is set as client_credentials, password or authorization_code, then the authentication object must specify a non-empty access token URL to be used for this grant type, using the accessTokenUrl property. If the access token URL information is missing, a dummy value will be assigned to it automatically during import/transformations in APIMatic.

PropertyValue
EnabledYes
Maximum SeverityError
MessageRequired accessTokenUrl property in authentication configuration is missing.
CodePOSTMAN_V501
TypeValidation
Rule SystemSemantic
Broad CategoryAuthentication
Products ImpactedAPI Transformer, Code Generation, Developer Experience Portal
Tagspostman api semantic validation url access token oauth2 type authentication

Suggested Fixes

  • Add missing accessTokenUrl property in the oauth2 authentication definition.
  • Make sure that the accessTokenUrl property in the oauth2 authentication object is not empty and is a valid absolute URL.
  • Choose a different grant_type in the oauth2 authentication object if the current URL is not applicable for your API authentication.
  • In the Postman application, open the target request/folder/collection level authentication configuration settings by navigating to the relevant Auth section. Next, select OAuth 2.0 from the Type dropdown, then ensure that the Access Token URL property is set to a valid absolute URL. Save and export your Postman Collection file again.
  • Choose a different grant type from the Grant Type dropdown in the Auth section if the current access token URL is not applicable for your API authentication.

For More Information