Content Management APIs in Content Hub ONE require an OAuth client bearer token for authentication. These tokens can be generated using Auth Endpoint. They are valid only for a few minutes(typically 15 minutes) and must be regenerated periodically after expiry for each API request.
In the Composable world, Swagger and Postman are commonly used for debugging/testing APIs. Postman is generally preferred due to its ability to store history, handle customizations, etc. Postman also supports pre-request scripts with which we could automate retrieving and appending these access tokens for API requests whenever needed.
This Postman Collection from Sebastian Winter includes all the Content Management APIs and helps you to get started quickly with Content Hub ONE development. After importing this collection, the below script needs to be placed within the Pre-request Scripts tab of the collection in Postman, and accessToken variable should be added under the Authentication tab of the collection. Ensure to set up environment variables for client_id and client_secret.
The above script retrieves the access token & expiry, appends the access token to the authorization header for API requests, and leverages expiry to decide if access token needs to be refreshed for subsequent authentications.