Authorization Flow For Postman Tests
This sequence diagram describes how the Postman tests are run, given that the OpenMDM API is secured with oAuth. We have in our OAuthDB init scripts a "Postman Client" which gets created. This registers Postman as a valid oAuth 2.0 client. Thus, Postman can call the OAuth Server to get an Access Token, and then for each API call, Postman will pass in this Access Token as a Bearer token in an Authorization Header. Here is the diagram to illustrate this: