Variable 1 (token_url) -> this is simply the url of your SAS Viya Server.  If you are running directly on Viya, this would / could be "localhost.  Postman just needs to be able to find "/SASLogon" here.

Variable 2 (encoded_id_secret) - this is the base64 encoded output from "${CLIENT_ID}:${CLIENT_SECRET}"  (Basic Authentication).  So, client_id + ":" + client_secret, base64 encoded.  There are online generators to help you create this, eg:  https://www.blitter.se/utils/basic-authentication-header-generator/

Variable 3 (OAUTH username / password) - this is the regular username / password you use to log into Viya.

Hope this helps.  By the way, this approach (with embedded username / password) is known as "implicit" flow.  The alternative (authorization_code)  is quite similar - this article may help: https://communities.sas.com/t5/SAS-Communities-Library/Token-Management-in-HTML5-Viya-Apps/ta-p/6523... 

Thank you Allan for your prompt response, it is highly appreciated.

One more clarification, I already registered the client and assigned a client secret using this script:

curl -X POST "https://localhost/SASLogon/oauth/clients" \ 
      -H "Content-Type: application/json" \ 
      -H "Authorization: Bearer $access_token" \ 
       -d '{ "client_id": "app", "client_secret": "cs123secret", "scope": ["openid"], "authorized_grant_types": ["password"], "access_token_validity": 43199 }'

$access_token is coming from a script executed based on client.token file in SAS server.

My question is with regards to the variable #2: encoded_id_secret Should I just define it as app:cs123secret  and it will generate the token that I will use the get method later to continue with?

Hi Allan,

There is one final thing as follow:

I am able to a get an access token anytime using this command on shell

curl -k -X POST "https://aeadsaswf01-afs.adfca.ae/SASLogon/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password&username=wael.k.aburizq&password=Password1" \
-u "mysasclient:Mysecret"

However, this postman pre-request script is not working knowing that "bXlzYXNjbGllbnQ6TXlzZWNyZXQ=" is coming from basic-authentication-header-generator  for the above client_id and secret in the "u"

pm.sendRequest({
    url: "https://aeadsaswf01-afs.adfca.ae/SASLogon/oauth/token",
    method: 'POST',
    header: {
        'Authorization': 'Basic '+ "bXlzYXNjbGllbnQ6TXlzZWNyZXQ=",
        'Accept': 'application/json',
        'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: {
          mode: 'urlencoded',
          urlencoded: [
            {key: "grant_type", value: "password", disabled: false},
            {key: "username", value: pm.environment.get("OAUTH_USERNAME"), disabled: false},
            {key: "password", value: pm.environment.get("OAUTH_PASSWORD"), disabled: false}
        ]
    }
  }, function (err, res) {
        pm.environment.set("authToken", res.json().access_token);
});

The error is:

There was an error in evaluating the Pre-request Script:  Error: Unexpected token u in JSON at position 0

Strange.  I wonder if there's something preventing implicit flow in your Environment Manager setup.

If you have the admin rights, you could get yourself a token using SASStudioV, just step through the following:

/*compile macros from macrocore library (or download and run seperately) */
filename mc url "https://raw.githubusercontent.com/macropeople/macrocore/master/mc_all.sas?_=3";
%inc mc;

/* register new client with random cliend_id & secret */
%mv_registerclient()

/* take the link from the log above, and open it in a browser */
/* then paste the auth code in the macro below and run it */
 %mv_tokenauth(code=LD39EpalOf)

This will give you an access_token and refresh_token suitable for an authorization_code approach as described here: https://communities.sas.com/t5/SAS-Communities-Library/Token-Management-in-HTML5-Viya-Apps/ta-p/6523...

I see,

but the idea behind is that I will embed a REST API for a ML model into one of the local systems. This API needs an access token before it is executed, so I need to keep passing active tokens in the requests.

I hope I was able to make it more clear now

@WaelAburezeq,

Can you provide the results of the "Code" output from Postman and the Postman Console contents for this call?

This is the result from Postman, I just want to highlights some points:

1- The URL variable won't work unless it is added to current not only initial value in the environment variable.

2- Switching SSL off in the settings 

Here is the output results, it also set the access id token <authToken> environment variable as per the code.

curl --request POST 'https://aeadsaswf01-afs.adfca.ae/casManagement/servers/cas-shared-default/sessions' \
--header 'Content-Type: application/vnd.sas.cas.session+json' \
--header 'Authorization: Bearer eyJhb...............'

The output console:

Host name is mandatory (although it is not mentioned in the code above), I chose to set it manually.

Hi @WaelAburezeq, 

Were you ever able to get the pre-req script to run? I copied the JSON you provided in an earlier comment and was able to get an access token. Perhaps there is a stray character in your pm.sendRequest JSON that is causing the ' Error: Unexpected token u in JSON at position 0' error. The 'u' in the error represents undefined, which normally indicates a parsing error with the JSON code.

Thanks,

Joe