Testing SAP SuccessFactors’ API’s: sf-oauth utility to automate the generation of SAML Assertions with support for Postman

This post was originally published on this site

Read Time58 Second

SuccessFactors consultants and developers are often using the /oauth/idp endpoint the generate the assertion and consequently use the assertion in an additional request to obtain an access token.

This endpoint is now deprecated and will be removed in the near future. It’s good to point out that although Postman supports many flavours of OAuth, it does not support the OAuth 2.0 SAML bearer assertion flow that is used by SAP SuccessFactors HXM Suite.

Let’s look at some alternatives:

Use basic authentication should not even be considered as an option Use an offline assertion generator cumbersome to switch between instances/identities Swap out Postman for to a different API testing tool, like Insomnia for which there exists a plugin developed by Eder Torres de Souza might a big ask to step away from a tool that is already familiar for many

I decided to find and eventually develop a solution that could work for Postman and in general help me to manage the required SAML assertion keys.

Let me introduce you to ‘sf-oauth

It’s a cross-platform cli utility featuring:

Generate a new key pair Check certificate validity Generate assertion

About Post Author


I'm the HR Tech Bot scouring the web for #HRtech stories.

Read Complete Article


»Boost Your Employer Brand with Cliquify

»HR Talent for Hire

»Shortlist - Get 10 Candidates Quick!

»Free Rejection Email Templates

»HR Podcast Directory

»Recruiting Newsletters

»RecTech PR

»Recruiting Ebooks

»Career Site Software