Skip to main content


We recommend downloading, installing, and using Postman to test API requests and verify responses.

Set up Postman using OpenID Connect


To use the Implicit grant type with your requests in Postman, you need to grant access to a multi-tenant app in Azure AD to use CDF with Postman. To grant access, you need to be an Azure AD tenant administrator.

Follow the steps in How to register Cognite API to register the app.

When you have registered the app, you will be able to sign in with your Azure AD credentials.

Step 1: Import your Postman collection

  1. In Postman, select Import > Link and enter the URL to import your latest API V1 Postman collection:

    Import collection
  2. Select Continue > Import to import the collection.

Step 2: Set up environment variables

  1. To create a new environment, navigate to Environments on the left sidebar. Click + Create new Environment and give it a name.

    Create environment
  2. Add the variables:

    • tenant-id: This is your Directory (tenant) ID. To find the tenant ID, go to your Azure Active Directory. You can find your Tenant ID on the Overview page.

      Tenant ID

      We recommend that you work with the current value of a variable to prevent sharing sensitive and confidential information with your team.

    • token: Using OAuth 2.0, we will generate a new token. It will populate automatically, so you will leave it blank as an environment variable.

    • baseURL: You can find your baseURL from the CDF project. Navigate to your CDF project. Under Manage & Configure > Manage access, select Open ID connect tab. The URL in the audience field is the baseURL.

      Base URL
    • project: This is your CDF project name.

      Project name

Step 3: Update authorization

  1. To update the authorization, navigate to the Authorization tab in the collection overview.

  2. Select OAuth 2.0 as Type and Request Headers as Add auth data.

  3. Select Configure New Token and specify these configuration options:

    • Enter a Token Name.

    • Select the Grant Type as Implicit.

    • Input the Callback URL as


      If you don't select the checkbox Authorise using browser, you can input the Callback URL. Otherwise, the Callback URL gets auto-populated on selection. You will be redirected to the Callback URL once your application is authorized.

    • Enter the Auth URL as$tenant-id/oauth2/v2.0/authorize. Replace the tenant-id obtained from the previous step.

    • Input the Client ID as

    • The Scope is $baseUrl/$scope, where $baseUrl is as above in 2.2, and $scope is user_impersonation, DATA.VIEW, IDENTITY etc.

      user_impersonation grants all permissions to the user assigned to access the API. The DATA.VIEW scope grants read-only access to data in CDF, for example, to view files, time series, RAW, and other CDF resources. To know more about CDF's scopes, see the different Access token scopes.


      While using a scope for the first time, the admin has to define the scope explicitly. The admin must then consent to use this scope for the authorization process.

    • Select Client Authentication as Send as Basic Auth header.

      OAuth 2.0 implicit
  4. Select Get New Access Token > Proceed > Use Token.

You are now ready to use Postman with OIDC as the authentication method.