Making a request

Let's make an authentication request:

It is a POST request sent to https://kassensichv-middleware.fiskaly.com/api/v2/auth (since we are using the value of the variable {{baseUrl}} from the Environment).

You can check the body of the request by clicking on the Body tab:

The request body is:

{
    "api_key": "{{api_key}}",
    "api_secret": "{{api_secret}}"
}

Postman receives the following response from the server:

The green response code "200 OK" indicates that the request was successful.

Here is the response, in full:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJHWnp4YnVOOFpDYWZuSzF4UldlMDhjYVdnWEg5eDFPTWZPR1d5eWpycFM0In0.eyJqdGkiOiIwYWRkYTA2YS1lNjdjLTQwOWUtOGUyYS05YmZjODg2ZjliMmYiLCJleHAiOjE2MjY2Nzg4NjMsIm5iZiI6MCwiaWF0IjoxNjI2Njc4MjYzLCJpc3MiOiJodHRwczovL2F1dGguZmlza2FseS5jb20vYXV0aC9yZWFsbXMvZmlza2FseS1kZXYiLCJzdWIiOiI5NzBlYWVkZC1mYTg1LTQwMzItYTZjMi04Y2FmZWU3ZTc0ZmUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJrYXNzZW5zaWNodi1hcGkiLCJhdXRoX3RpbWUiOjAsInNlc3Npb25fc3RhdGUiOiJhYmQyMTUyYy0yNThjLTRlYzEtYTlhZC04Y2Q0MWI4MWY4YTIiLCJhY3IiOiIxIiwic2NvcGUiOiJvcmdhbml6YXRpb24iLCJvcmdhbml6YXRpb24iOiIwYmQxMThhMS1lZWQ3LTQwNjUtOWU2Yi03MTBhYjNhYWY0NDUiLCJ0eXBlIjoiQVBJX0tFWSIsImVudiI6IlRFU1QifQ.NjbHHroJUStmenHKlDGwDkA8yaXi1D0tJYbb_JMZWeO_fN9TKbheG6gCW6lJcbDjOm-gOS9ffh-dhZRCFD3rV6f7wpK8wRuQj3SuUPsWTH-pNmG-LReYij-vFSU_2BIJSdIQ2BcFr1P5pGSZzSxYDcxO-15EthGh-3hsxGz8faSkzY4aYPXTyOynC0t5lZG1zlfoNpp3Cobznjap8Pat5hpHKy7juBEt70zfykgVCNY7jBHcKKvF9P5g9ataaU_2PTn5ot39ByfHJhQKKyTkG3BbFUggINNcpPxv8KmeolL1uDADaiSZ0V_DKpkYW405qJ1j979hwBBcNPaAc5491g",
    "access_token_claims": {
        "env": "TEST",
        "organization_id": "0bd118a1-eed7-4065-9e6b-710ab3aaf445"
    },
    "access_token_expires_in": 600,
    "access_token_expires_at": 1626678863,
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJjODI0ZGViOC0zM2Q3LTRmZjAtYTU1NS1kNGRiYzkxYmEyOTQifQ.eyJqdGkiOiI5MjhjZDcwMi0zOGI5LTRhM2ItODAzNi01ZGUyZTVjY2E4MWUiLCJleHAiOjE2MjY2Nzg4NjMsIm5iZiI6MCwiaWF0IjoxNjI2Njc4MjYzLCJpc3MiOiJodHRwczovL2F1dGguZmlza2FseS5jb20vYXV0aC9yZWFsbXMvZmlza2FseS1kZXYiLCJhdWQiOiJodHRwczovL2F1dGguZmlza2FseS5jb20vYXV0aC9yZWFsbXMvZmlza2FseS1kZXYiLCJzdWIiOiI5NzBlYWVkZC1mYTg1LTQwMzItYTZjMi04Y2FmZWU3ZTc0ZmUiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoia2Fzc2Vuc2ljaHYtYXBpIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiYWJkMjE1MmMtMjU4Yy00ZWMxLWE5YWQtOGNkNDFiODFmOGEyIiwic2NvcGUiOiJvcmdhbml6YXRpb24ifQ.h2A3BrwXAJIxRjCYsXd4WxcNZgcRblAn1rfwdteZo8Q",
    "refresh_token_expires_in": 600,
    "refresh_token_expires_at": 1626678863
}

We obtain an access token, and a refresh token. Postman stores the new values in variables:

These values are then used in subsequent requests.

The access token expires in 600 seconds, after which the authentication request must be run again. (In production, this will be changed to around 24 hours.)

You can similarly see the header and body, and check the server's response, for all the other requests in this collection.

Postman makes all these operations convenient and easy.