{ "info": { "name": "OAuth 2.0 - Client Credentials Flow", "description": "A collection demonstrating the Client Credentials Flow in OAuth 2.0. Includes token request, protected API call, and error simulation.", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "item": [ { "name": "Step 1 - Get Access Token", "request": { "method": "POST", "header": [ { "key": "Content-Type", "value": "application/x-www-form-urlencoded" } ], "body": { "mode": "urlencoded", "urlencoded": [ { "key": "grant_type", "value": "client_credentials" }, { "key": "client_id", "value": "{{client_id}}" }, { "key": "client_secret", "value": "{{client_secret}}" } ] }, "url": { "raw": "{{auth_server_url}}/token", "host": [ "{{auth_server_url}}" ], "path": [ "token" ] } } }, { "name": "Step 2 - Call Protected API", "request": { "method": "GET", "header": [ { "key": "Authorization", "value": "Bearer {{access_token}}" } ], "url": { "raw": "{{api_url}}/internal/reports", "host": [ "{{api_url}}" ], "path": [ "internal", "reports" ] } } }, { "name": "Step 3 - Simulate Expired Token", "request": { "method": "GET", "header": [ { "key": "Authorization", "value": "Bearer EXPIRED_OR_INVALID_TOKEN" } ], "url": { "raw": "{{api_url}}/internal/reports", "host": [ "{{api_url}}" ], "path": [ "internal", "reports" ] } } } ], "variable": [ { "key": "auth_server_url", "value": "https://auth.example.com" }, { "key": "api_url", "value": "https://api.example.com" }, { "key": "client_id", "value": "your-client-id" }, { "key": "client_secret", "value": "your-client-secret" }, { "key": "access_token", "value": "" } ] }