Call Manhattan Active® API using Postman

Get started with Manhattan Active® API using Postman

This guide will walk you through the steps for invoking an example REST API exposed by Manhattan Active®. The steps below will also assist you in establishing the authorization using OAuth v2.0 for invoking the API.

Before You Begin

  • Download and install Postman or an equivalent tool of your choice. If you already have Postman installed, update it to v9.0.9 or newer.
  • You will need the following information from the administrator who manages the implementation of Manhattan Active® applications for you:
    1. Application URL such as https://<unique_id>.omni.manh.com or https://<unique_id>.sce.manh.com or https://<unique_id>.scp.manh.com. We will use https://example.omni.manh.com for this document.
    2. Authorization Server URL such as https://<unique_id>-auth.omni.manh.com or https://<unique_id>-auth.sce.manh.com or https://<unique_id>-auth.scp.manh.com. We will use https://example-auth.omni.manh.com for this document.
    3. Values of client_id and client_secret parameters as configured by your administrator. Your administrator will need to create a custom client_id (documented elsewhere already) to be used with Postman. The administrator can look up the value of the respective client_secret. We will refer the client_secret as <client_secret> as the value of client_secret for this document. Please use your own client_secret value exclusive for your use cases.
    4. A valid username and password for you to authenticate yourself. We will use jerrythomas@example.com and p455w0rd respectively as the username and password for this document. These are not valid credentials at all. Please use valid credentials for your purposes.
  • As a sample REST API, we will use the endpoint that returns the details of your user. You may replace it with any other REST API that you have access to.

Steps

The step-by-step instructions below include the steps to obtain the authorization token for invoking the target REST API, followed by the invocation of the API.

Obtaining the Authorization Token

1. Open Postman and click on “New”

My Workspace Menu

2. In the pop-up dialog, select “HTTP Request”

New HTTP Request

3. Click on the “Authorization” tab in the request section under “Untitled Request”

Authorization Tab

4. Click on the “Type” drop-down and select “OAuth v2.0”.

Select OAuth 2.0

5. In the right-hand section, scroll down to the sub-section titled “Configure New Token”, and enter the values as shown below:

  1. Token Name: my-first-auth-token
  2. Grant Type: Authorization Code
  3. Callback URL: https://www.getpostman.com/oauth2/callback
  4. Auth URL: https://example-auth.omni.manh.com/oauth/authorize
  5. Access Token URL: https://example-auth.omni.manh.com/oauth/token
  6. Client ID: <client_id> should be created by your Administrator
  7. Client Secret: <client_secret> should be created by your Administrator
  8. Scope: leave empty
  9. State: leave empty
  10. Client Authentication: Send as Basic Auth header

Configure New Token

Click the “Get New Access Token” button to fetch the token.

6. Sign in with your username and password in the pop-up dialog. The pop-up may look different from the screenshot shown below depending on the Manhattan Active® application you are using.

Sign In

7. Upon a successful login, Postman will display the access token in the UI, and give you an option to use it.

Token Results

8. In the “Current Token” section of your REST API request, select my-first-auth-token from the list to make use of the token you obtained.

Select Available Token

Invoking the REST API call

1. To invoke the API to get the details of your username, set the URL to the value shown below:

http://example.omni.manh.com/organization/api/organization/user/allDetails/userId/jerrythomas@example.com

Set the HTTP method to GET. The inputs will look like this:

GET HTTP Request

Verify that the “Access Token” is set to my-first-auth-token in the “Current Token” section.

Click on the “Send” Button.

2. The API response in JSON format will be displayed in the section on the bottom

GET HTTP Response

You can inspect the response content and headers by switching the response tabs.

Pro Tip

With the access token, you can also invoke the API using curl as a command line option instead of Postman:

curl -L -X GET  -H 'Authorization: Bearer eyJhbGciOiJSUzI1Ni...' 'http://example.omni.manh.com/organization/api/organization/user/allDetails/userId/jerrythomas@example.com'

Learn More