{"info":{"_postman_id":"bda9f1fd-1341-4f24-bc5b-4451eb876d5d","name":"MiTrust For ServiceProviders","description":"<html><head></head><body><p>MiTrust sharing-flow follows the standard OAuth2 Authorization code flow.</p>\n</body></html>","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"106688","collectionId":"bda9f1fd-1341-4f24-bc5b-4451eb876d5d","publishedId":"Tzm9iEHU","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"EF5B25"},"publishDate":"2021-07-13T15:26:46.000Z"},"item":[{"name":"Availability","item":[{"name":"Count available DPs","id":"62c15489-abfb-4210-8958-1af9b550161a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/v2/public/dp/statistics?scope=name address&client_id=sbx_MiTrust_Integration_Tutorial.gb","description":"<p>This request will answer the number of available data sources given the input arguments.</p>\n<p>As MiTrust offers many data sources, its is recommended that requests made to this API use the same scope that you would use to start the Sharing Flow.</p>\n<p>A more generic scope, like <code>name address</code> from this sample, will answer that many sources are availalbe, whereas the data source that you actually need for your use case will be hidden amongst them.</p>\n","urlObject":{"protocol":"https","path":["v2","public","dp","statistics"],"host":["sbx-app.m-itrust.com"],"query":[{"key":"scope","value":"name address"},{"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"}],"variable":[]}},"response":[{"id":"e5a82944-6c0c-408a-b4db-9003b7d0637c","name":"Get list of DP","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://sbx-app.m-itrust.com/v2/public/dp/statistics?scope=name address&client_id=sbx_MiTrust_Integration_Tutorial.gb","protocol":"https","host":["sbx-app.m-itrust.com"],"path":["v2","public","dp","statistics"],"query":[{"key":"scope","value":"name address"},{"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"}]}},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json"},{"key":"Date","value":"Wed, 12 Apr 2023 09:37:27 GMT"},{"key":"Content-Encoding","value":"gzip"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Vary","value":"accept-encoding"},{"key":"X-XSS-Protection","value":"0"},{"key":"Strict-Transport-Security","value":"max-age=631138519; includeSubDomains; preload"},{"key":"X-Frame-Options","value":"DENY"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https: blob:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Permissions-Policy","value":"accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),battery=(),camera=(\"https://id.ubble.ai\" self),clipboard-read=(),clipboard-write=(self),conversion-measurement=(),cross-origin-isolated=(),direct-sockets=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),focus-without-user-activation=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),interest-cohort=(),magnetometer=(),microphone=(),midi=(),navigation-override=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),shared-autofill=(),speaker-selection=(),storage-access-api=(),sync-script=(),sync-xhr=(),trust-token-redemption=(),usb=(),vertical-scroll=(),wake-lock=(),web-share=(),window-placement=(),xr-spatial-tracking=()"},{"key":"MiTrust-azure_instance_id-gateway","value":"ac7f117b050eb61e25bd27756f58eefc7e880fde7c706cd66af9e82558920597"},{"key":"MiTrust-git_sha1-gateway","value":"c515f35a2bcc3d02465243be0c9584ed7752b976"},{"key":"MiTrust-azure_instance_id-datasharing","value":"ac7f117b050eb61e25bd27756f58eefc7e880fde7c706cd66af9e82558920597"},{"key":"MiTrust-git_sha1-datasharing","value":"c515f35a2bcc3d02465243be0c9584ed7752b976"},{"key":"MiTrust-spring-start","value":"2023-04-12T11:37:27.741204381+02:00"},{"key":"MiTrust-spring-end","value":"2023-04-12T11:37:27.747179217+02:00"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"active_dps\": 5,\n        \"client_id\": \"sbx_MiTrust_Integration_Tutorial.gb\",\n        \"scope\": \"name address\"\n    }\n}"}],"_postman_id":"62c15489-abfb-4210-8958-1af9b550161a"}],"id":"9225724b-4a7f-4745-89e4-645aee7e6fe7","_postman_id":"9225724b-4a7f-4745-89e4-645aee7e6fe7","description":""},{"name":"Headless","item":[{"name":"Start sharing-flow v2  For autoupdate","event":[{"listen":"test","script":{"id":"00357286-78c1-47b9-bf09-76607ac8ad45","exec":["// MiTrust will redirect the User to the proper URL","pm.test(\"Redirect Url location\", function () {","    console.log(pm.response)","    pm.response.to.have.header(\"Location\");","});"],"type":"text/javascript"}},{"listen":"prerequest","script":{"id":"a624bcf1-4472-4f91-a98f-4a97dc3bebaa","exec":[""],"type":"text/javascript"}}],"id":"3566a965-0288-424d-af20-5ec0cd8e1030","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false},"request":{"auth":{"type":"noauth","isInherited":false},"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/v2/sp/sharingflow/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&redirect_uri=https://www.example.com/redirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&scope={{encoded_autoupdate_scope}}&response_type=code","description":"<p>A typical URL to redirect the EndUser to start a sharing flow.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","sharingflow","start"],"host":["sbx-app.m-itrust.com"],"query":[{"description":{"content":"<p>Provided on application registration</p>\n","type":"text/plain"},"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The EndUser will be redirected to this URL.</p>\n<p>You have to properly encode the parameters (especially the scope and redirectUri). In Javascript, you should rely on encodeURIComponent</p>\n","type":"text/plain"},"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust"},{"description":{"content":"<p>A value supposed to be unique per flow. It will be provided back at the end of the sharing-flow. Not generated on each call in Postman as later call (e.g. to fetch the access_token) shall rely on the samle value</p>\n","type":"text/plain"},"key":"state","value":"postman-sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The scope describes the data requested to be shared in given sharing-flow</p>\n","type":"text/plain"},"key":"scope","value":"{{encoded_autoupdate_scope}}"},{"key":"response_type","value":"code"}],"variable":[]}},"response":[{"id":"832f372c-fbd7-4501-b789-1097588b94e6","name":"Start sharing-flow v2","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://sbx-app.m-itrust.com/v2/sp/sharingflow/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&redirect_uri=https://www.example.com/redirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&scope=name address&response_type=code","protocol":"https","host":["sbx-app.m-itrust.com"],"path":["v2","sp","sharingflow","start"],"query":[{"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb","description":"Provided on application registration"},{"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust","description":"The EndUser will be redirected to this URL.\n\nYou have to properly encode the parameters (especially the scope and redirectUri). In Javascript, you should rely on encodeURIComponent"},{"key":"state","value":"postman-sbx_MiTrust_Integration_Tutorial.gb","description":"A value supposed to be unique per flow. It will be provided back at the end of the sharing-flow. Not generated on each call in Postman as later call (e.g. to fetch the access_token) shall rely on the samle value"},{"key":"scope","value":"name address","description":"The scope describes the data requested to be shared in given sharing-flow"},{"key":"response_type","value":"code"}]}},"status":"Found","code":302,"_postman_previewlanguage":"plain","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"Location","value":"/#/sharing/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&scope=name%20address&redirect_uri=https%3A%2F%2Fwww.example.com%2Fredirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&language=en&sharing_flow_id=d21aaa71-d43b-42d0-b3f2-1ccc35369b8b"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"Server","value":"Kestrel"},{"key":"MiTrust-git_sha1-datasharing","value":"4816f34ba034adbb3b97ee1a9270d127b1df6d92"},{"key":"MiTrust-azure_instance_id-datasharing","value":"f6ac135c52b048d91b92cc79c27b985ddd7ffd33d5b3fa221fdb235825d7cb12"},{"key":"MiTrust-spring-start","value":"2021-07-16T17:39:13.100350+02:00"},{"key":"MiTrust-spring-end","value":"2021-07-16T17:39:13.260488+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Date","value":"Fri, 16 Jul 2021 15:39:12 GMT"},{"key":"Content-Length","value":"0"}],"cookie":[],"responseTime":null,"body":null}],"_postman_id":"3566a965-0288-424d-af20-5ec0cd8e1030"},{"name":"Generate client_credentials access_token","event":[{"listen":"test","script":{"id":"2b6d4692-aef5-4e5a-b51f-94faa887c39f","exec":["// Check there is an access_token\r","var jsonData = pm.response.json();\r","pm.test(\"Check access_token\", function () {\r","    pm.collectionVariables.set(\"basic_access_token-headless\", jsonData.access_token);\r","    pm.expect(jsonData.access_token).to.be.a('string');\r","    pm.expect(jsonData.token_type).equal(\"bearer\");\r","    pm.expect(jsonData.expires_in).to.be.a('number');\r","});\r","pm.test(\"Check scope\", function () {\r","     pm.expect(jsonData.scope).equal('headless');\r","});"],"type":"text/javascript"}}],"id":"730d268f-583d-492d-822b-05f21adc6066","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false},"request":{"auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"key":"password","value":"clientSecretProvidedByMiTrust"}]},"isInherited":false},"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text"}],"body":{"mode":"urlencoded","urlencoded":[{"description":"<p>This is a hardcoded value: do not edit it</p>\n","key":"grant_type","type":"text","value":"client_credentials"},{"key":"scope","value":"headless","type":"text"}]},"url":"https://sbx-app.m-itrust.com/oauth/token","description":"<p>Some data can be fetched without a User SharingFlow, as they do not require any User credentials.\n    You have to generate a token, through a POST request authenticated with <b>BASIC</b>.\n    The token has <code>grant_type=client_credentials</code> as there is no user interaction.</p>\n","urlObject":{"protocol":"https","path":["oauth","token"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"cd660e1d-83f5-4bed-b800-ede352f437a7","name":"Generate Token for Headless","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text"}],"body":{"mode":"urlencoded","urlencoded":[{"description":"This is a hardcoded value: do not edit it","key":"grant_type","type":"text","value":"client_credentials"},{"key":"scope","value":"headless","type":"text"}]},"url":"https://sbx-app.m-itrust.com/oauth/token"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json; charset=UTF-8"},{"key":"Content-Encoding","value":"gzip"},{"key":"Vary","value":"accept-encoding"},{"key":"Server","value":"Kestrel"},{"key":"MiTrust-azure_instance_id","value":"8734be2b37468dd5aa31a550b46781a263f927c97dc3544bbcfa4d72b83220e1"},{"key":"MiTrust-git_sha1","value":"eefdc5e39055ede7762b9273004e79981b426da8"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Date","value":"Wed, 07 Jul 2021 12:47:19 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"access_token\": \"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsib2F1dGgyLXJlc291cmNlIl0sInNjb3BlIjpbImhlYWRsZXNzIl0sImV4cCI6MTYyNTY2NTY0MCwianRpIjoiRFhyV2VFS1cybkpfeERXOXlxUVd1dGNSeXNNIiwiY2xpZW50X2lkIjoic2J4X01pVHJ1c3RfSW50ZWdyYXRpb25fVHV0b3JpYWwuZ2IifQ.YkgUxpXXtCo6Ez7YWk6sE_suBs1AYb9VAXnTwN9cg8dpsV2IFx9UgCrvvAkwQ66lR8piMeBGC7hcAeM1kJPsiRSxY8_V7of83P0PHqgbO7Rci0zTo5c7aOyAr3oGKPWHjXZS7hRZIgsCJT7mzr-8mJRn66ARWF1dhGsRIX4hGyBnuFvmNGuAO3KNjHcMvdzpewz0uFyJ01ps64IH-QszW8TpSrMmMyiLyQ26zulcmh-SMZZr8-BnL2bj4k2hQx-BBIJnvmBfBW3LcOrOly6Rbx5d0pIBBQikneng8xeH0tZlbYjJS6bWEMLOGF17YZlUiX0XVqCc7tRTY8tFehzt6A\",\n    \"token_type\": \"bearer\",\n    \"expires_in\": 3599,\n    \"scope\": \"headless\",\n    \"jti\": \"DXrWeEKW2nJ_xDW9yqQWutcRysM\"\n}"}],"_postman_id":"730d268f-583d-492d-822b-05f21adc6066"},{"name":"Generate headless_Token","event":[{"listen":"test","script":{"id":"209b3545-b8f7-459f-bca6-93e535c41f77","exec":["// Check there is an headless_token\r","var jsonData = pm.response.json();\r","pm.test(\"Check headless_token\", function () {\r","    pm.collectionVariables.set(\"headless_token\", jsonData.data.access_token_wrapper.access_token);\r","    pm.expect(jsonData.data.access_token_wrapper.access_token).to.be.a('string');\r","    pm.expect(jsonData.data.access_token_wrapper.token_type).equal(\"headless\");\r","    pm.expect(jsonData.data.access_token_wrapper.expires_in).to.be.a('number'); \r","});\r","\r","\r","    "],"type":"text/javascript"}}],"id":"a183cfee-138c-4be5-9d58-58dd52b463a3","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false,"disabledSystemHeaders":{}},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"company.registration_number\": 123456789,\r\n    \"company.country\": \"FR\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://sbx-app.m-itrust.com/v2/sp/headless/company","description":"<p>This newly generated <code>access_token</code> can now be used to generate a <code>headless_token</code>.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","headless","company"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"65bb0c39-3860-4304-b537-c37553cb7d3f","name":"Generate Headless Token","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text","disabled":true}],"body":{"mode":"raw","raw":"{\r\n    \"company.registration_number\": 123456789,\r\n    \"company.country\": \"FR\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://sbx-app.m-itrust.com/v2/sp/headless/company"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"MiTrust-azure_instance_id","value":"<missing>"},{"key":"MiTrust-git_sha1","value":"d4b5a656e3685a27f311e9fd9c96bd07b3e5de34"},{"key":"Vary","value":"Origin"},{"key":"Vary","value":"Access-Control-Request-Method"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"MiTrust-spring-start","value":"2021-07-08T15:50:06.892367600+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"no-cache, no-store, max-age=0, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Date","value":"Thu, 08 Jul 2021 13:50:08 GMT"},{"key":"Keep-Alive","value":"timeout=60"},{"key":"Connection","value":"keep-alive"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"access_token_wrapper\": {\n            \"token_type\": \"headless\",\n            \"access_token\": \"eyJhbGciOiJQUzUxMiJ9.eyJhdWQiOiI4ZjQ2MWY4ZTAxODliOTVjNjljMTQwOTIyNWVhMDc5ZCIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbC1hcHAubS1pdHJ1c3QuY29tIiwiandlIjoiZXlKcmFXUWlPaUpvWldGa2JHVnpjeTA0WmpRMk1XWTRaVEF4T0RsaU9UVmpOamxqTVRRd09USXlOV1ZoTURjNVpGd3ZORFEzTnpJNVl6a3dPV1ZsTkRkbE5EaGhNREkzTm1OalptSXhZalV3Wm1FaUxDSmxibU1pT2lKQk1qVTJRMEpETFVoVE5URXlJaXdpWVd4bklqb2lVbE5CTFU5QlJWQXRNalUySW4wLlUtQWNtOFcxbHhQb2txOU5pYmNBOWo3RXJZQzJidHB4VHZ5a1FJWHJ4UFRKQVN0clFaWU82Z29nU280akdDY2FNUFJQVFc5MkM0WWNnOWp3OHJfeEtwNXpyNnJJelZ5OG5pOFlwOVJPR0l0TWJrcWNPa0ZrQloxdEg2N0M5YlBBS2pWZXVELXBzQy1pZHdKZnRGSm1EbXJRVmpGVm1HY1dFVnNVZERfSmMyN1c0enVzWFhiQXRza2trUFlPZmN6d0pfSlp3U0xsTHRobWd0TkJvdU9FaDg1dC1LY1ZBaUk2TE9KM0pvWDhJbFRWX09sTHJSSTRFaU56Z2tlN3NrTm1hUUNDUFhDOVdsVk1PbXhvQUtoMDJfUkJVNVVacXYyMXlzOXptUXlmYUZVUXNjNHRHOVdKN1JXdDBhMVNQSHA1R2FDajdFS0FUaTFIdlJaY1k5cEZhbm04UzltSUtJZkhHcEc2cDlMZzIyV0M0QkV6dEpndElCNC1FSGJtbkNjbE5wcGpaSnp0bC1sX0N3Y21xbW9KczB0UHMxMlV3UHItQjZRaXpYRkVLaHJXWWZqdTVJTFhYY3duSVlWZFNtYmpQVGt4dkRsZ1YyckdBTEF0TFR3SEpsU2VyQXlnNEdYa3l3NmlxWWhRQW9velZwZzcxSkMzZk1DcWNhYXJVQTJKNXgtUWd0a3ZJblFqVlRfYlVQX2ZWVGFFT1FqZE5Ib3JKZF9kdkFZdUFaNDhIcm9RbjFBNVEybElabUE5Qmsxb1NpNU4yTnVXS3VuSmpjUWd0bEhNaXBmMjJ6UXp2ZUNScEt1bldBZkg1WkpWMVlDb25jRUlpV3pSUnVLZFNLMWRtaHkyRk9Bek5CTEgybnU4R2RIUDdJdld6azczdnRMYWYzWXFMY1VXOEdzLlBGZ0UySUxad2Z4LU5wZk1VQzJlMFEuaGJlbVZ6Skw1Y1BCMVA0Zmd2T0tRcTdJc0JZajBJZFRPTkpEY0hPWDAwTkMzX3d5YmcxMkZ3M1BWR2pnWURlNGhYSTdOMG1MeHI5ZTRqd2pCS3RNWENKZlQ3MGlEUkdiMHQzeUo2OUhKUUV6clBxc2NmMy1uNkxJVkNobUZzYmJsYnlhUUdvT1RELVFLZlR1aHFXeHJqMjFnOFhfOVFwNms5cHVNQ1RDNHA3QktFS1Z6ZXczcENVRkg1RkNXYmdQMDI1OEJDd0U2aHRxRHFaQTFBWmtJT2trS18xLVBoZm1lWjYwdXRINHAxWTVISzBxWHBHRnN0R1YzVnpSVmJHMWZlN3gybzRSVlUyNkZRMXE4YzJJUFhpZ3h3SzBQbHRoYUxiU1g2SDhGMmY5QXFhcjVBNW05VVpMWk51dkUzQ2NSV1VfTDZvamNDMXdoN18zS283LWF3NXV0LWxDYUNPVVBWeTNUMHRqbEh6MnZPa2RRT2ZXMGFqTlBnOVpnN25acTNUakJicXJMUjhUOFV5SWJ6SDJzQlhFUlFJR2RTS0UtelVaeDhiX0FrbFh5UV9XaTVXcG16SEdlZUF3TGNuTEw4d1FRanJsZE1SMHYtbjZEekdzYkp6QlRNWlg3NDVXX2lvMmtGTXlFYkFYRzBseXZCYXhiZXZ4NzVLejkwczkyV1N3YkFrWUY5blhyXzlUN2EyNVpER09wQ0g4Q1BGTkhMUlJCb2JfdVg3VW8xS18zQ3VSQURaUUhyM1FOcWJNWTIwZVJxV2JKZWUwMExESHNlY2xUMmkyeFAyR2h2TEUtOWs1aXBGUmJXYTVMRy1KT1VJeTNHb3B4NE1kM0RuZHlFWDlXc3VUUlJEUHFVaEt3QVR2RlEuN1RRQ1ZMNnRXTWY3N2t3S1BlV0ctN3pFRzJGaThIcjlBX3R5NW9ia1F3WSIsImV4cCI6MTYyNTc1NTgwNywiaWF0IjoxNjI1NzUyMjA3LCJ2ZXJzaW9uIjoiMyJ9.MhtYFFuwZwvFmVVKovereofpbtNE1btIl8nPZ3hYb2WNlhW_gSgyFHcVfPbUkFIak4Rgr8u965JPWNQDInEfQ4jphOvPTWNY1cYafaIpfANJ2WgCjbu7bKW3aVOqSZfl44ccAGxJCaMOHKWFVMCB2LGfO3Ui2GSZAK2VNhih8CDNJroJSUKJYGIJccWJysNulNWHftwEKiIZEe61LdFsKHXy7pHGSODIUKWT2MbKKC6q36uJ0Nx1_G0NtKRq-aOzKWhLI0BVR7JBGUhWZDejYSY0xEofQdCjnmhh-11_ErqxPuzPcO7Rk4DqETiQAbTywpSg3x2t_omSe7dfMzpQ-g\",\n            \"expires_in\": 3600,\n            \"links\": [\n                {\n                    \"rel\": \"self\",\n                    \"href\": \"http://localhost:8085/v2/sp/headless\"\n                }\n            ]\n        }\n    }\n}"}],"_postman_id":"a183cfee-138c-4be5-9d58-58dd52b463a3"},{"name":"Generate headless_session","event":[{"listen":"test","script":{"id":"372ea5fe-381f-4a6c-bd77-349d3f796ac8","exec":["// Check there is an headless_session\r","    var jsonData = pm.response.json();\r","pm.test(\"Check headless_session\", function () {\r","    pm.collectionVariables.set(\"headless_session\", jsonData.data.headless_session);\r","    pm.expect(jsonData.data.headless_session).to.be.a('string');  \r","});\r","pm.test(\"Check sharing_flow_id\", function () {\r","    pm.expect(jsonData.data.sharing_flow_id).to.be.a('string');\r","});"],"type":"text/javascript"}}],"id":"3468cc76-4b1d-4461-97bb-547c9ab68913","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false,"disabledSystemHeaders":{}},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"headless_token","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless","description":"<p>To be able to start your headless session, you need your a headless_session token. You will ll have to make a POST request with your previously created <code>access_token</code> and <code>headless_token</code>.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","headless"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"34226c09-f825-4448-a102-df9bacd8e123","name":"Fetch headless session","originalRequest":{"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"headless_token","type":"text"}],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://sbx-app.m-itrust.com/v2/sp/headless"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"MiTrust-azure_instance_id","value":"<missing>"},{"key":"MiTrust-git_sha1","value":"d4b5a656e3685a27f311e9fd9c96bd07b3e5de34"},{"key":"Vary","value":"Origin"},{"key":"Vary","value":"Access-Control-Request-Method"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"MiTrust-spring-start","value":"2021-07-08T15:52:39.299206400+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"no-cache, no-store, max-age=0, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Date","value":"Thu, 08 Jul 2021 13:52:47 GMT"},{"key":"Keep-Alive","value":"timeout=60"},{"key":"Connection","value":"keep-alive"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"headless_session\": \"eyJraWQiOiJkZGUzYzI0OC0wNjg1LTQ1ODUtYjg1OC0xMjU5MDlhNmU1ODMiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.g1rC0PSalqyvLn0QmgqEbyPKOy2gbwVKTHZtYOrlH09At6H-yHxAMr4RKA7WxMx0OvhzWzXp1vdvbsJcvG_q_Etl_pMQ3KKjx8XHn-CSKgkHMHRbGC3BMimpl3S-x-5moekUND6bT3rxsek3A2R5It33uoCPnqR_foFjD4tYymg9GbcBT33fL9MQO08wABLNYciH5qDwUehy0bhXGHIbvOCiNdx9M44nwcfx3gKMjqcQQoy1tBF2aD8vmpBLZXmpV-FE3OS1sFEH5DRoUSs57pzzos-VkqbwgM-r0q8dF122Idfvt5cxw8AGf4j6CFj4wbQzVd4dvAoVH9wTGRcfcw.GerZFw1JEY7yLn1o7lEs7w.VbGFxPyJO8Sb74s2lYasSmakYfFdzc3pALGSPSbxuMNqIhKdF3IVWkIrUTiaxW5okpPJ8J6bqC9p3XaLMZna1bW-Qo6i1yz82I6EBNJSCUG9YmpmW3mdJBRYTq8wZyqcAiffF_WjX7_3AnDUlU1VwHR3_q3EooLQf6TmU170OzXI3wtk1XqkKEZZkG3EEWdH7nOBd-oQLc_q3psk733SRPXT2RA4jhegABqMdBWCkLSvdNTP4LWbBYKduDnsBVt2E5R7v6O_MF34WLQmPs0I_5iBB9u_Jge36JP7l43S8dBYFTjHQxxIN9N6WYJVCwbkyKTV_Sfdydc9_z8VkYMjFOndL3XVnjmXILGr7Xwkuzit2sc3GuViz6udaZN98Bfvjzg9qsx_WKp18vY0AcIJ1PsrxxFeLeScxD-KCbcfX6-BfUp5-QXbukmJvygCm8FjQOsvBfHzjd3DqzQQcnKZRf07cg4s5a1Q3PIRW_Ws49tblWgMUFK3-DwMDFhkcJnJlJ8q92c8VqFSV9O53fKNx4mizWgE-2zSNtJAHjMuwWkpzOdi8Q3RyMqwpZE4Eg53x8Hw19cVjLZ3HuM8UaeETp2S_5c89Wu1iAaV1ESqvh2WqchNHJ1h_5XGueXUn3aSG4Ug0XLbzjH2F7CNAOpKBw_Nk8YTRhOrGnMYNK0_G76wrwMGuLTPsmqnCKGRf79cykfznQa0vveBTqVuGCS2fo26ptXR_8bhhoPbYzEH8qWzh3z83EAIqyusdTnOqgzL.z4wBzILVy1hyiTsJbFwj_dUoB8A4jWVCV7hqKdPzE40\",\n        \"sharing_flow_id\": \"2c2c05e4-cc02-4f7b-a42f-4787cc44827f\"\n    }\n}"},{"id":"a7ae3425-b950-4ef2-9159-6a0c7462a998","name":"Fetch headless session Invalid scope Error","originalRequest":{"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"headless_token","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Vary","value":"accept-encoding"},{"key":"MiTrust-azure_instance_id-gateway","value":"d29ec50e2353fd96ac8ed72619c1a2fb36a21ed6c3f22a5075cd2c606bb89829"},{"key":"MiTrust-git_sha1-gateway","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-azure_instance_id-datasharing","value":"2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6"},{"key":"MiTrust-git_sha1-datasharing","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-spring-start","value":"2022-02-28T17:31:15.295082+01:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Date","value":"Mon, 28 Feb 2022 16:31:15 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"fail\",\n    \"http_status\": 400,\n    \"data\": {\n        \"error\": \"Invalid claim as scope: company (scope: 'autoupdate company#no_document#mutable company.registration_number#invariant headless')\",\n        \"stack\": \"java.lang.IllegalArgumentException: Invalid claim as scope: company (scope: 'autoupdate company#no_document#mutable company.registration_number#invariant headless')\\n\\tat io.mitrust.autoupdate.HeadlessToken.getAndVerifyScopes(HeadlessToken.java:158)\\n\\tat io.mitrust.autoupdate.HeadlessToken.fromMap(HeadlessToken.java:130)\\n\\tat io.mitrust.sp.headless.AutoupdateHelper.parseHeadlessToken(AutoupdateHelper.java:314)\\n\\tat io.mitrust.sp.mvc.headless.HeadlessApiController.parseHeadlessToken(HeadlessApiController.java:110)\\n\\tat io.mitrust.sp.mvc.headless.HeadlessApiController.triggerHeadlessSession(HeadlessApiController.java:104)\\n\\tat java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)\\n\\tat java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)\\n\\tat java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)\\n\\tat java.base/java.lang.reflect.Method.invoke(Method.java:566)\\n\\tat org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)\\n\\tat org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)\\n\\tat org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\\n\\tat org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067)\\n\\tat org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963)\\n\\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\\n\\tat org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\\n\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:681)\\n\\tat org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\\n\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:764)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.security.azure.NoOpAADAuthenticationFilter.doFilterInternal(NoOpAADAuthenticationFilter.java:34)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.sentry.spring.SentryUserFilter.doFilterInternal(SentryUserFilter.java:56)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)\\n\\tat org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)\\n\\tat org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)\\n\\tat org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)\\n\\tat org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat io.mitrust.backend.account.anonymousflow.SfIdAuthenticationFilter.doFilter(SfIdAuthenticationFilter.java:103)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:182)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)\\n\\tat org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)\\n\\tat org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)\\n\\tat org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)\\n\\tat org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)\\n\\tat org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)\\n\\tat org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:142)\\n\\tat org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.cloud.sleuth.instrument.web.servlet.TracingFilter.doFilter(TracingFilter.java:68)\\n\\tat org.springframework.cloud.sleuth.autoconfig.instrument.web.TraceWebServletConfiguration$LazyTracingFilter.doFilter(TraceWebServletConfiguration.java:129)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.backend.mvc.MiTrustRobotFilter.doFilterInternal(MiTrustRobotFilter.java:45)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.backend.mvc.MiTrustTechnicalFilter.doFilterInternal(MiTrustTechnicalFilter.java:109)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.sentry.spring.SentrySpringFilter.doFilterInternal(SentrySpringFilter.java:57)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)\\n\\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)\\n\\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)\\n\\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)\\n\\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)\\n\\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)\\n\\tat org.springframework.cloud.sleuth.instrument.web.tomcat.TraceValve.invoke(TraceValve.java:74)\\n\\tat org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:769)\\n\\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)\\n\\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)\\n\\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\\n\\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)\\n\\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732)\\n\\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\\n\\tat org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)\\n\\tat org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)\\n\\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\\n\\tat java.base/java.lang.Thread.run(Thread.java:829)\\n\"\n    }\n}"}],"_postman_id":"3468cc76-4b1d-4461-97bb-547c9ab68913"},{"name":"Poll Backend for Headless results","event":[{"listen":"test","script":{"id":"56f166ac-857f-489d-8632-2a8139b5e079","exec":["// Check there is an access_token\r","    var jsonData = pm.response.json();\r","pm.test(\"Check access_token\", function () {\r","    pm.expect(jsonData.data.flow_status).to.be.a('string');  \r","    pm.expect(jsonData.data.flow_status).to.be.oneOf(['ongoing', 'accepted','completed','failed','terminated'])\r","});\r",""],"type":"text/javascript"}}],"id":"1bbf12ec-4ef1-4e7d-9220-666cbcc27232","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false,"disabledSystemHeaders":{}},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"GET","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless","description":"<p>Now that you have your <code>headless_session</code>, your backend shall poll MiTrust BE with it as a header.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","headless"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"b426f541-3cb6-4c6e-924b-91d61fb84c01","name":"Ongoing","originalRequest":{"method":"GET","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"MiTrust-azure_instance_id","value":"<missing>"},{"key":"MiTrust-git_sha1","value":"d4b5a656e3685a27f311e9fd9c96bd07b3e5de34"},{"key":"Vary","value":"Origin"},{"key":"Vary","value":"Access-Control-Request-Method"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"MiTrust-spring-start","value":"2021-07-08T16:08:59.349422900+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"no-cache, no-store, max-age=0, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Date","value":"Thu, 08 Jul 2021 14:08:59 GMT"},{"key":"Keep-Alive","value":"timeout=60"},{"key":"Connection","value":"keep-alive"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"flow_status\": \"ongoing\"\n    }\n}"},{"id":"e9438a85-af51-4c98-a4e6-b3a61d9a01e3","name":"Failed - reason=login","originalRequest":{"method":"GET","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"MiTrust-git_sha1-monolith","value":"6839c4b10f90e1bccac977afde2b7bc6545d024d"},{"key":"MiTrust-azure_instance_id-monolith","value":"<missing>"},{"key":"Vary","value":"Origin"},{"key":"Vary","value":"Access-Control-Request-Method"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"MiTrust-spring-start","value":"2021-07-09T16:03:04.211863+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"no-cache, no-store, max-age=0, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Date","value":"Fri, 09 Jul 2021 14:03:04 GMT"},{"key":"Keep-Alive","value":"timeout=60"},{"key":"Connection","value":"keep-alive"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"flow_status\": \"failed\",\n        \"reason\": \"login\"\n    }\n}"},{"id":"d16eafce-191b-4bcf-95e7-fd1b0a6a46dc","name":"Completed","originalRequest":{"method":"GET","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":{"raw":"https://sbx-app.m-itrust.com/v2/sp/headless?headless_session=eyJraWQiOiJWZG9RamdZMTJCbU9zNU1RUENrbXEwZF9Zel9NdGpWZFd0RUpBODNmeHVZIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..25Iwr5GOjbKVXGJq.4CS4Bhs9eWnSUu1VAoWrhKFT8v-bkojeyTSqwOlYxdObp17I05rRqBZ3L8VB62jIL8kxZp9GVjy7XbMlBv8-EiEfqJDMq8FkT1NFY2GXLqUYXX_nDvx4IDRPatRqjj650KV5Af1vP_ye7pDGDKmfz_nI4mA2sTwwU2S52yKdi9BTBG4c4ZTv5JtxOEf4idqUn6no4Yo_7F0zFWII_PmnG_PuTSOHOaqRLpoBUHOEekewiwrFztibC2N6JhHkflG6EJNtqobmOgiPN-8i_YvuDwl4GcDQJB_8Wz_Rh_57YjPWqrP_-WQ4j6Y5KA8QVPdoRaWRO2TzmYiQeAjAgherxUiorrdxwGHGw9zjQOcH_oJYyrGxVh-uaL5SZuqMN10ta9sLV7cWqwzPPnSrvNBkRz1ufCbZSfgSJAkRVUt3eOYbrrmSiVr5M5AIOjUheYb8MbgQZJlkKXeYXssFYcXYRivgwEvwBnD8REGwhwYEO6TufgJ_-AHvY_Z3ea5wOJLoeboqs69ZTJOt72UVLvdSy4_IlcMYmu3K89Qd7_phHzdC3kOsLodGwgSaWmBWEeJsjc8jmqbVJU_y95BWPrqmcvdq0NeY-GwG_jFlQQTC8OWqgFB00MCgDrjGjvhHelblL6illwS56qRetHFHxDp-QfuwV3XEu18i-CQepzJqdaBkhb_vQCqBzv8E8Yie8I_R4Mblo8shHj7e_0N0_Q2cj4NBMDZXnshe3Mq-KsHPUvi4tg3N--XkUk8MMIwsIcQbN2QHwfdAhlrOujbTT4NcSh1hBZikCUc5xaX1-barOmPmFuzz3OZF9_lJBXnYEatMfU1mzuEZNJb1seHJc_0pnPE9B-IHZfiIcKyw4Q9pGYbtD2slAUIh1ZhHlGsiMxWXyPn2X6kk.itXARGxjzNWbHUMCJJCyJA","protocol":"https","host":["sbx-app.m-itrust.com"],"path":["v2","sp","headless"],"query":[{"key":"headless_session","value":"eyJraWQiOiJWZG9RamdZMTJCbU9zNU1RUENrbXEwZF9Zel9NdGpWZFd0RUpBODNmeHVZIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..25Iwr5GOjbKVXGJq.4CS4Bhs9eWnSUu1VAoWrhKFT8v-bkojeyTSqwOlYxdObp17I05rRqBZ3L8VB62jIL8kxZp9GVjy7XbMlBv8-EiEfqJDMq8FkT1NFY2GXLqUYXX_nDvx4IDRPatRqjj650KV5Af1vP_ye7pDGDKmfz_nI4mA2sTwwU2S52yKdi9BTBG4c4ZTv5JtxOEf4idqUn6no4Yo_7F0zFWII_PmnG_PuTSOHOaqRLpoBUHOEekewiwrFztibC2N6JhHkflG6EJNtqobmOgiPN-8i_YvuDwl4GcDQJB_8Wz_Rh_57YjPWqrP_-WQ4j6Y5KA8QVPdoRaWRO2TzmYiQeAjAgherxUiorrdxwGHGw9zjQOcH_oJYyrGxVh-uaL5SZuqMN10ta9sLV7cWqwzPPnSrvNBkRz1ufCbZSfgSJAkRVUt3eOYbrrmSiVr5M5AIOjUheYb8MbgQZJlkKXeYXssFYcXYRivgwEvwBnD8REGwhwYEO6TufgJ_-AHvY_Z3ea5wOJLoeboqs69ZTJOt72UVLvdSy4_IlcMYmu3K89Qd7_phHzdC3kOsLodGwgSaWmBWEeJsjc8jmqbVJU_y95BWPrqmcvdq0NeY-GwG_jFlQQTC8OWqgFB00MCgDrjGjvhHelblL6illwS56qRetHFHxDp-QfuwV3XEu18i-CQepzJqdaBkhb_vQCqBzv8E8Yie8I_R4Mblo8shHj7e_0N0_Q2cj4NBMDZXnshe3Mq-KsHPUvi4tg3N--XkUk8MMIwsIcQbN2QHwfdAhlrOujbTT4NcSh1hBZikCUc5xaX1-barOmPmFuzz3OZF9_lJBXnYEatMfU1mzuEZNJb1seHJc_0pnPE9B-IHZfiIcKyw4Q9pGYbtD2slAUIh1ZhHlGsiMxWXyPn2X6kk.itXARGxjzNWbHUMCJJCyJA","type":"text"}]}},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json"},{"key":"Date","value":"Tue, 19 Jul 2022 09:18:46 GMT"},{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Vary","value":"accept-encoding"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https: blob:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Permissions-Policy","value":"accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),battery=(),camera=(\"https://id.ubble.ai\" self),clipboard-read=(),clipboard-write=(self),conversion-measurement=(),cross-origin-isolated=(),direct-sockets=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),focus-without-user-activation=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),interest-cohort=(),magnetometer=(),microphone=(),midi=(),navigation-override=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),shared-autofill=(),speaker-selection=(),storage-access-api=(),sync-script=(),sync-xhr=(),trust-token-redemption=(),usb=(),vertical-scroll=(),wake-lock=(),web-share=(),window-placement=(),xr-spatial-tracking=()"},{"key":"MiTrust-azure_instance_id-gateway","value":"d29ec50e2353fd96ac8ed72619c1a2fb36a21ed6c3f22a5075cd2c606bb89829"},{"key":"MiTrust-git_sha1-gateway","value":"af3495bfa9135509856e1d80268257af04124eb2"},{"key":"MiTrust-azure_instance_id-datasharing","value":"d29ec50e2353fd96ac8ed72619c1a2fb36a21ed6c3f22a5075cd2c606bb89829"},{"key":"MiTrust-git_sha1-datasharing","value":"af3495bfa9135509856e1d80268257af04124eb2"},{"key":"MiTrust-spring-start","value":"2022-07-19T11:18:44.285477657+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"flow_status\": \"completed\"\n    }\n}"}],"_postman_id":"1bbf12ec-4ef1-4e7d-9220-666cbcc27232"},{"name":"Get user_Info For autoUpdate after polling","id":"b1f0d9cf-5a54-4504-8574-f6347bbcff51","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"GET","header":[{"key":"headless_session","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/user_data/v1/userinfo","description":"<p>Get info from the back end using <code>/userinfo</code> with your <em>access_token</em> and your <em>headless_session</em></p>\n","urlObject":{"protocol":"https","path":["user_data","v1","userinfo"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"d52d7f9a-ed25-4d34-aeff-d7f69ee1933b","name":"Get user_Info For autoUpdate","originalRequest":{"method":"GET","header":[{"key":"headless_session","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/user_data/v1/userinfo"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json"},{"key":"Date","value":"Tue, 19 Jul 2022 12:59:14 GMT"},{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Vary","value":"accept-encoding"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https: blob:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Permissions-Policy","value":"accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),battery=(),camera=(\"https://id.ubble.ai\" self),clipboard-read=(),clipboard-write=(self),conversion-measurement=(),cross-origin-isolated=(),direct-sockets=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),focus-without-user-activation=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),interest-cohort=(),magnetometer=(),microphone=(),midi=(),navigation-override=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),shared-autofill=(),speaker-selection=(),storage-access-api=(),sync-script=(),sync-xhr=(),trust-token-redemption=(),usb=(),vertical-scroll=(),wake-lock=(),web-share=(),window-placement=(),xr-spatial-tracking=()"},{"key":"MiTrust-azure_instance_id-gateway","value":"7bf5a65c9ab6652b7e960fdced88dd5501d933c0715fe792714d5d958b2e56fd"},{"key":"MiTrust-git_sha1-gateway","value":"a8c1ab10eb04a8092802abaceaf58177410567e7"},{"key":"MiTrust-azure_instance_id-datasharing","value":"7bf5a65c9ab6652b7e960fdced88dd5501d933c0715fe792714d5d958b2e56fd"},{"key":"MiTrust-git_sha1-datasharing","value":"a8c1ab10eb04a8092802abaceaf58177410567e7"},{"key":"MiTrust-spring-start","value":"2022-07-19T14:59:14.510640180+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"message\": \"These user_info have been popped out from our systems.\",\n    \"data\": {\n        \"user_info\": {\n            \"name\": \"MR LACELLE BENOIT\"\n        },\n        \"post_processed\": {},\n        \"links\": [\n            {\n                \"rel\": \"self\",\n                \"href\": \"https://sbx-app.m-itrust.com/v2/sp/userinfo\"\n            }\n        ],\n        \"user_consent\": {\n            \"jwe\": \"eyJraWQiOiJLRlpxTUp0Y2p2WGc3RVNEU3dtOG1nSmJLcTVDdmRMaG9EUDl0a2UydWdJIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..NSXO1Ks_xV7bJF9c.pI6KVNdJCzHH0-xpYoa5vmnNldgZIasS6ZkUmBdPplEn37emXWbjE-_AsUQX6I3AiaF9kksRW1TWlLDNlRO4m0pYZZk_PZXqVU8eYuSj9BzQlTjGDYmvgHv-QBAFWeXJYePcDw68vTXG_MVw1NJgRWa1j_jaG5sG1uNP7fqrVqlrW-Ju4cQdRtQlShXY8hiAOrgkkfQPL7lFqnPIuIPM5xmhGQbEtyUrkhUfsUvuvMxlO4ig-W6z-Sdl_kbk-RbZ.D3m7fJYTIIScJTc6W_B-hw\",\n            \"links\": [\n                {\n                    \"rel\": \"self\",\n                    \"href\": \"https://sbx-app.m-itrust.com/v2/sp/userinfo/signature/userconsent\"\n                }\n            ]\n        }\n    }\n}"}],"_postman_id":"b1f0d9cf-5a54-4504-8574-f6347bbcff51"},{"name":"Autoupdate token renewal","event":[{"listen":"test","script":{"id":"5643b3f2-f3cb-4413-9edb-0b6df12a22f9","exec":["// Check there is an headless_session\r","    var jsonData = pm.response.json();\r","pm.test(\"Check headless_session\", function () {\r","    pm.collectionVariables.set(\"headless_session\", jsonData.data.headless_session);\r","    pm.expect(jsonData.data.headless_session).to.be.a('string');  \r","});\r","pm.test(\"Check sharing_flow_id\", function () {\r","    pm.expect(jsonData.data.sharing_flow_id).to.be.a('string');\r","});"],"type":"text/javascript"}}],"id":"9342bf39-e7fb-40e8-87b0-3b407cc43121","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false,"disabledSystemHeaders":{}},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"{{autoupdate_token}}","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/autoupdate?headless_token=headless_token","description":"<p>To be able to start your headless session, you need your a headless_session token. You will ll have to make a POST request with your previously created <code>access_token</code> and <code>headless_token</code>.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","autoupdate"],"host":["sbx-app.m-itrust.com"],"query":[{"key":"headless_token","value":"headless_token"}],"variable":[]}},"response":[{"id":"2507d3d1-539b-42f2-b973-fbc6e12ad0bc","name":"Autoupdate token renewal - SUCCESS","originalRequest":{"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"eyJhbGciOiJQUzUxMiJ9.eyJhdWQiOiJ1YXRfTWlUcnVzdF9EZW1vX015T25saW5lU2VydmljZS5mciIsImlzcyI6Imh0dHBzOlwvXC91YXQtYXBwLm0taXRydXN0LmNvbSIsImp3ZSI6ImV5SnJhV1FpT2lKb1pXRmtiR1Z6Y3kxa1pXMXZYQzgyTVRreE56RXhPVEkxWVRjME16UTVZV1ExWmpZek1ERTBPVFUxTmpjM1pDSXNJbVZ1WXlJNklrRXlOVFpEUWtNdFNGTTFNVElpTENKaGJHY2lPaUpTVTBFdFQwRkZVQzB5TlRZaWZRLnVCZzlvOG9SVGJwc1ZkRjlwcktHSnI1eU9namZ0QnVtZWZGOXhtdDJNTEtmSUZDY1Vpc1h5UC04R2ZfNDhlVVAwdGZnSkNsczZtbTRTTHpGRkoxTmZ1YzRTTmMxeXBMUk5saHNYdURXOU0xZDJwSk5KTzg0bE1SY3pVaWVWTURSdUhVX2FSbEdaNWZiSFhzYklZZElvenNFSEJyUGx2N0YzTVlfQjNTM3lUZ1lVbk5wamV2cXB1NFJCMUI3VjdkQUF1QXBsTXhvWV84d1FVMU0ycE9CVDdQbFo5R3Y1eno1Umt5clRSdkF1dWI4RE5RUEd0Vm1HeUVkLW9ab1V5NnhkZFNMZUh0XzNMZE1KNWJOaGxtaUlrU18wWmJBaTZpS3J1YWpDZThxeExUUWM1Ym1qMGZrQ19MaHRpSXFOQ3JDQ1p6cE1IVFlWQ2xNVm1ZMkZhd2hIVHF0cjJVaTZ6cWpGa29wWHV3aXVlYkpHOTEwUWR3NHMzcnU3cEhMU0dvU3l0ZmFZX3hMUS1JNnl2OUNacnFoaHBmMEg0Rlp3YTVqWHJZZ29RaWxzb05HaFo4d1h5c1NkUUJUZmJrdDhWRWdCWTRHRzRhXzVYbFZ2SGdEZ2xQcGpESG9WYTgtZl8wRWFubHYtV3JUQTFtazA3RktxQ3lMTjRwT21UU19RMi1hN1JRNHBMT3Y3cVVhbFg5OGM5ZVc3OGdHdUxkdFdvMFA3OFhlNENyTGdUS01PN0hhRkt0VEdMdDlsYWpMOEVuRjBqMVVBcnc5UWZxYWt6ajFQSFFqS1dLenlPaW9HRjdQQV9ZM20xUmYwVnphUlJlMnRVTkpUb1QyRlBUWDNJZjRZRElJUFlmZDBSTXNMZkxqN0E0N3M3NG00QTFaUkMzeVhYeVo2Q2Iyd25BLmk1X1dQR3Z4dkxBTnJaOU91dk5QR3cuMDl2Q1FQNTBMZDRlT2pETXlqUzk5LVpBRXloTjN0V1VrTmpYRlBYb2lVY0tUa1lwc2Q2UUZ1RVhYUWJ2Ql96dEJuMm1LdElHVjF4QkVJVHVzUkV2b2F0b3YxVjJrOHhzaXBBOG1Td1h0QVRlelNoYXF3MGRUelBXenVEdVo0RkFBNnZxRzJqbm1EcU5CZGFHQlJuOFlTQnVDVVBhdFhYXzFhZVVPcThVWjdaMlFxZE90X1daZ3BfdWNVUjRfXzZiVFIyV1pLUmNrYzIxZFY3T2t3TjdNNXpnR3dNY2Z5cE5ZX1JfVm95X0hWLUFWM2dRMXRiemVTOW1Lb1ZwWGRCQ29FOHkyV0FaOWU4S25qT0QyUlo3Y1dvSEc0LTFYOWJmeTRMc3RyQlZYTTNndmhYRWVmcjA4QzFWdEtmN2g5ZHVFbllsNmFEWDYyWU45MTFIakI3RURuc3UxLTFVVmhPclJCX0NxWEJQZ3VXYVZmLVBwaDdvLXRwQ215UVpqS2l4MkpENUhKd0FRUXJOTkVIcXhyTTlBeU41dUZ6NklUQkN4RE5ic3FEQ1B5YU1NYzV3VkV6NlNrdXZQMmo3ZjVXcmdZWWhpV1NmbUhsZlhVMTJwUWVwWEtsZVA2ZGY4OXJjbFJnZzZDVjFZU19tYW9kX29SM18zcUhlNlVuVGlDcVZVdTIwQ1FvSnpuRDVJeW5YTXdaa2ZHTVBIbE1ZUVdSN0lIaDVLbFVCLU04bWoyZWF6WmxWMEVlR29PT0xlSVp2Rm85QzYxY0xJRGs0YlhCdWVnbFJaV1h5MVBHTHpmZ052LThjcFZFQmJQSklFZ2RJZDBPb0taTjdxQ3VPTW9RRkdtc25fY2lzcDRKb1A3YUMtU3hoenk5OUpfN0FPLURVdmppRFlDZ0Y2SDlfeTBNREhILVdTRmROTHZTeHQ5czVrdmpKQkt4NVRsOUlqeG5KRlEwOWlBLnhyY0VCODhydjJ4aW55VUhZeVNOXzdOT2hCT1IxS3U0U1plX2lvV2RFbVEiLCJleHAiOjE2NTM5MDgzMTAsImlhdCI6MTY0NjEzMjMxMCwidmVyc2lvbiI6IjMifQ.pxZwDk15gtDzCRFRw_OX6D2L8R-g3H_WV4jRZh7fLxdSll30a-NkGSAY9nUnHHXoicIyK4vQ3oiZALzGRuV2f1rEudwg__G0WKTbrE0RlTk4zRSOqd6AR9nzt3itPx_cyGqtmJvj_kFlcrF9wnFCU-bwwHp6UAM_Q58jBcR2TfvU4VL1BpDd5_nb5fv1pNKmsyDlYHoD6FRikvrC0qlVxzSh2HPZqLAZcW4trvZY2y_WmF_HZQYimDrNDPjrjL7E66S4svSsCnksFjpn8gjRdPeq_2V2kzuwr1W0e1UGjz_oGCvDdsZ0JHdjXolYwNbzgT-ARCvd9ltWfwZ9NnTEUmRjLShg7NodyFtYjkH-gyrNnX_OM1c1UoIPNKkzt-Gd3doRDlx28YoFtWXcmliWBNsGSIWHrxKLtSAJJzDlhCVB1rPwCuOGUQC1AN2M6dzmjukHp_jSLIRYvmQNX1rS1MY7IypbnTFMR8kGMjbyeJKX-dv7OXpTLDhXBbhkqeJX_SDiNhyiSXA8zKu1aZ4Vi5M1oS4ZA5DRY4hxuqB4SuxfHFt2QzQbPJjXzvgkLMULSTwRA_hc_vj9LBgWH_v3Qdh007iNVd8RDZb8fcaveLsIDgEJkzOalN2ki-12qQyZysq3KAvs9fL7shPv_ln1whnDq3_gb8cJDEZ9bRg7Da4","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/autoupdate"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Vary","value":"accept-encoding"},{"key":"MiTrust-azure_instance_id-gateway","value":"d29ec50e2353fd96ac8ed72619c1a2fb36a21ed6c3f22a5075cd2c606bb89829"},{"key":"MiTrust-git_sha1-gateway","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-azure_instance_id-datasharing","value":"2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6"},{"key":"MiTrust-git_sha1-datasharing","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-spring-start","value":"2022-03-01T11:58:51.373746+01:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Date","value":"Tue, 01 Mar 2022 10:58:51 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {\n        \"autoupdate\": {\n            \"access_token_wrapper\": {\n                \"token_type\": \"headless\",\n                \"access_token\": \"eyJhbGciOiJQUzUxMiJ9.eyJhdWQiOiJ1YXRfTWlUcnVzdF9EZW1vX015T25saW5lU2VydmljZS5mciIsImlzcyI6Imh0dHBzOlwvXC91YXQtYXBwLm0taXRydXN0LmNvbSIsImp3ZSI6ImV5SnJhV1FpT2lKb1pXRmtiR1Z6Y3kxa1pXMXZYQzgyTVRreE56RXhPVEkxWVRjME16UTVZV1ExWmpZek1ERTBPVFUxTmpjM1pDSXNJbVZ1WXlJNklrRXlOVFpEUWtNdFNGTTFNVElpTENKaGJHY2lPaUpTVTBFdFQwRkZVQzB5TlRZaWZRLlJ0cjVzbFYxaGF6ZlZJUnhEZWJrTGtPMWFPR0VyX0lRQklNamJMRFpFYmhZcTROem9PZFNlTkVZdWNRN21UUS1jbzQ1UWZOVWVwelMtaUFJRXR6NDhJX0dKNXZCcVVIN0RCTzhCaXk0SkE3TkpwUW83SW9FLXA3RlZIX0wwd29BeWtyTlZIMzVmOW4xMW1OS1FVZ0N5WVFWWHhtSVVtVXIwbHMyMGZIdXdjaHBPT0d4QXlRUW5TcHR6SEpzb01Jc1hPTUwyZEtrZ2RGZlBfdkRqLVlnWjdvbTNDWlFEdzB6Skd5bER1cDBLVE55UzY5eGxsdms4VkZxM0JyUmdJbnR0X3RCVE8yMVJVSU92UFdNeTNyX2tOUDRJUGZkVDBPV1g2azhoWGtPNzJwMzFxeEktR29nQ3JEVExSb2hIU08xOWFMQnQ4ZERiX2IwdV9vamlxMHZtM1RrY1V2LUpUOW12UDhGSV9icm1DbGdhVkxmNmNEaWhVNWpvRm9tX3pDanN1djNWU2t5YW9XYm1seUZXNEs2MXBrSnFDSUQySFpqV3lXMXBlbWVoTFNOR19KMzh6OVhkaE9GNVpEbVZYTDFPYmRjZW1QYXlXd3E2aUozQ0g4a1dwWHNpeXpGQk1NeHhEUlFRVXBuMm9ZYjg4OXJscnFBRHVwWktzdktWOEZfZW5rQTBFblBnemlCZ3NqWlNLaEo4ZlpoNUIxamZEZUZIdU1CdW5ZMmFuT2U4aENtMm1fRnBTQ2FlazNvM3hXMUdvWFFpMGF2X3FPZGVCSHRmeW92WjZzaGpOelFWQUp4cGNDYXlfdU56b1hEa1lnTUJIWTRQaXR0ZmVMblR0RGlheU5UQlM0cGVuNmxLWVZGb2FScGZhei05MnJuT1kyekRQazdUb1NqU2NRLjdtM2wyX0dGWjE4YlVHUkc5dmJ4VEEuNHYxMGdjVlpxb2tiZEJScFhhd19MdXJNdXNJUUx5eWdxMUV0MzlWUGZIbjV3dkRiT1BnY0xRWEVjRlRsSzh5Qlh6Z3NjNGtsOGJINVhFQjhhaFRnYW51Nlg5Z2RYUUNqbGt6YkllN3hMcjBnQUllOGdMN3dWUEJGdnlxMTktNjFlRlo2TXVoY3hpR1pkYXRyeDFpVTdSb1VkNmthclZWVjBJZFdtYlFPVHBTV0hNeEprTTFLUXFfdXJFanJsZkRrQ2lJTm90OWFJalV0Q3RiOWlPWmhDU2t3OXJBaWpsUjhsYlVhSDNnVVFwZ3FDeEFWNDRIZ3pLazloWUxreTZhYk91S0VmM1lyYmpkdTJLNWNNTjJvZGtpaUduUTVTSkE4VTJxOWV4eUxITkQ1bElnbVhwMVdIZjB5VUdTOXhZQkJYWWhqQWdtSHZGcDRWcTdlcERrXzE5WG9RMzlvRmhpWHV3SmpaZ3ZuMnVad2NVWEtBRU1aVjlOSmJOM3F1NWJFWEpBSW1fWjU3dEVMbWlTVzk2WEE2V2xobGdqci0tZmJpamdQOC10TzVYTmJMTkJJbkc1MG5Sd0xlVG5yY1dLN29EcmRLMDhfQmFnTDlaNTVHY29DVmJ1bmtkamg4RW5vVEd3MEJYRWdNQW5oR08tNVdnc2tWTjhUb1gxRjk5NHpTNlRUR1ZVLURKWENZR19zQmJNQktDODNOTDdYZXQ5VU9BSnBQSWExd3lCYUtuTXNENFNfWnNVSWlRMU5EWDhWSVFhczQ2bXFmM0FlcllqeGZyWDNKOWFYYVFwUng1RzFfV3hWbDNpdm8yMTVhSk5POVJMZXFMQlY0VTJNR2NMTEVQVllkVVRrOEN2THp2dnd6RG8xRmpBSTJHNnloRHF0S0tsRG5EYjN3LWFiWFdlTE42d2VJVXZhZDVKN051VUlBVnc5RFRwMVVYUmlSa2JQVWR4VWZnLlhFNmVQbzg1NUJsVHNKdUV0c2g4RWNFR0VwbUx5ankxTTAzSVJVeXV6TDAiLCJleHAiOjE2NTM5MDgzMzEsImlhdCI6MTY0NjEzMjMzMSwidmVyc2lvbiI6IjMifQ.gcmH0P-hl-4AvZGmKeAedveAewPKwm8nh8B0Ud2QtwWvQq2vdCs11cEaMlsvDe2Qn-D0ZMmlVUknoZPf6jomwdO7iO2pNug-42-55gV2AVvG-TLv6rPMbSRzTrwgIViIww-RRjlX7X1USemv8pB69ebvjuT6itqrwh8YT-FagHnGKMItXMFVNbMaEIJ0yRSzrXaK3P8iZ8I_PyFx8OP3gGdNNl02Vu5ETU5Ih93FEcS01A6cJ4TN5ySdtAYoGbV1BGqgWiuvKG2spKeSe5RM4XgUTQ3zMT0onxNIrt9cg0Z-SUC5nZd9RZUluyJ4umY02vyCyuVz4PmpL5ZG9EPAz5jQmtHJOdel64Ti2E75TiAcD6gODRNmUlug07hkV-NI93Wef9Rbi3HoRNsnPGiw8BBkOTM9FPmPxque_slYtkxEr9SpRuUVvrkean_ldXjhPUAzAtJ0liBml0hQCoh2f8wyaI59ZdjsvinVlZdDjSLEynUQ2XcJCzsQcO_Xbe-IXV8MDzU2-FKc331BM4tkHBhiPy5zTSFz5_KAWRqMzcaIkKNeQRteJzaTQmiNnj-cXInyjO-UYDMsDarjSf-eOPAL31OhhIbqwa8Yo9CjYtp5KZbIH8hTnNk9Ma6VO-hFf7DcRV8rrRZlC-VjzEU042VvOeDZAYRdBZanycBxx-E\",\n                \"expires_in\": 7776000,\n                \"links\": [\n                    {\n                        \"rel\": \"self\",\n                        \"href\": \"https://uat-app.m-itrust.com/v2/sp/headless\"\n                    }\n                ]\n            }\n        }\n    }\n}"},{"id":"f8d304b2-d763-425b-969c-4d7f34b24ba0","name":"Autoupdate token renewal - FAILURE","originalRequest":{"method":"POST","header":[{"key":"headless_token","name":"Content-Type","value":"eyJhbGciOiJQUzUxMiJ9.eyJhdWQiOiJ1YXRfTWlUcnVzdF9EZW1vX015T25saW5lU2VydmljZS5mciIsImlzcyI6Imh0dHBzOlwvXC91YXQtYXBwLm0taXRydXN0LmNvbSIsImp3ZSI6ImV5SnJhV1FpT2lKb1pXRmtiR1Z6Y3kxa1pXMXZYQzgyTVRreE56RXhPVEkxWVRjME16UTVZV1ExWmpZek1ERTBPVFUxTmpjM1pDSXNJbVZ1WXlJNklrRXlOVFpEUWtNdFNGTTFNVElpTENKaGJHY2lPaUpTVTBFdFQwRkZVQzB5TlRZaWZRLmNibWxydmJ2Ylp0RlRGYlp6ajNCSUpUZkR1UVhVdzU4TlFDM1QtZEIxRjEtSFlEUTFPQ29aWDUwckNNZmx5cWxJc2xhaHdtdU0zRkVZbEtydnRuTmI2VEVTNXNRWWdwdVVJXy0tdTV5aFhHdWVianlUUmF5NTd0TG52WnYxY0ZLZjRxNjFaaGNUUjlZYTdvdXZZN3ZRU2NOM0tTQ3MtNnVRckU4a0hTYTlESHpUc2tXcEl3bzI0UFFXY2xVSmxycHo5ZE9pVlVhaUV4M1hMVEM1WnhRT2R6VktyOEdnVExEZTJHZXBVVjZ1ajJZS2RoSEFyTm1NcndjQ0d2Q0FZcFo2dG94VWxFYnlkTHNLaTExdTVadzY4ZU13Q0hpT2g1enB0a2VfTkE4QlN3azhQbm5zNzZaMDk4aVBNVGNSME9GZWs3ekVheVRvaW43M3NUZC1IbTZ2b0p0aEdHTmhUN08xSFRhWWdIWUZfejdJYWVJa0k5emxhRUctdDNaRHl1ZkFxc2UyOXRzc2NDdXZCbmpHRjhWX3FNdDRXTnh1OUE3eUF3ZkhnekJPemFUcDZHSXItXzAza2V4V3EtNW1zX3Vmd2Q5blh5a0N0bWxWS1FRLTlxTmFPdG9tcFI0eWJkQVBqSnNsaTJGUHFXWThXbkZmbUZ1ZjhobG9HMFMtU1hKQXVCVWlSaDZjT0RXbkJMUlNPam4zMTN1MHFyZE10ZEl5Y25WZ044aV95RlllQXA3OG94RFozUFVVZUZ0ckk2VTFIOG9PM3BFTF9kejVFU2hEQ3NldDVoWXpGeFFEdzkwT19fMTl1MWdTdVN2SlBQeTVCNm5DamJYZzIwblN4X2ZYclpLSHA3eVVpT3ItdG1oaDEwdS1oZDI5REhUNGw1TG1pUTl2RVhQbm4wLjhzeWVWaS04eVhqMTVweE5lZkpjRncuODhhWWlCc0JtMXYycHVuQ0tiQnpSdEYtdlNQMFJKMHN2Ml9DSDI2VWV4OHNEaDJVMVZBMGEzV1FDaUpBcGJOX3lUZ0huNzR4YXFXa3FzMGNNbWhqN19QY3lPSXZ4QWFWaHNwNHBFbnV4UkpuYnV3MUhKS0gyU3J0SWcwaUh3T0VaYWFoWEREWlpOTTFOZEFucWFhaWJHV0V3X3R3NmE5cXZrSnZDLWUtQzlNMTNRbWwzNzN6MGFxaW11aWxIRnRHWjI0dTFJZFdkVEhuTE11dUhNR0p2QmdQUXpPTzA0QzdBakVWOHM0TnJ6NGNPZDJkQnJxZnNIbVlodG0ycjNXVU9OOTlLVWxVMjdvdHl2THRVcWZNLWY2cHdpS19NMVNTeUhYSFI5V09aNDRWNDM0Q3N0djkwV1Y2VFdYWHJsZmVHYXhnNGtfOXRSLWxDZUJBSmR3V0JFal82dnR5NTQxRDNiTWhmX3l5aGsyWE1JSkpha19oaGpNRTRfdC1YVVI3M2J2RDJUSzZvZUFqdWM3Y2tIdC1UaURUektEUzZXeHV0c2hhZ2IzcE4zYlpJaGN1clJhSllNY1BJTzB3Wmd0OC1GZWZJSXpRUEo1ZU14NFY5ckg0VTdGTHRsODFEaHNSSGJKU2I5c0x4TzZybUJqTGg1TFNYb09wMGoyeEpGLVgxMDFPWTcyZGt4cGJleDBZVWUxNjdXdmpIMlhMcG1wQXlqVmh3S1lPTXNsbjhHNGZvWVhkSVJIc1BMb3dHMi1Vc01JUFdoOGdBd1BZWkJaOEI3OTZRbEs1cjdLMWRucmlfb0FpNTdOMS0yZi0tZ0hfVkVuc0g0T3FsTGY5NFFRX2lmOW9vT0xvZW5NNXJzYU95MU5MQkQ2OEh5RXljOUYyNVJFalFSbkRlMXlacUx2X2FSeFlHdGVKdTZUU2Q1Y2s0TXEtbkFZaVhfR2R1SFV4bDJ2dllBLmpUTWFvdWo5dG9qV2M1dXFwWGNiM3ltTzZaUDEyZjBTMzNlTGlBNkVBWWsiLCJleHAiOjE2NTM5MDYzOTQsImlhdCI6MTY0NjEzMDM5NCwidmVyc2lvbiI6IjMifQ.iR7gCmtDzhxXU05fG7RtTkM4Gad2nWd9WIRlFDB6fAlBJEE2a9-PpyqkjhscgceuZ1MXC9Er153dt_P4htCJgE_owNB9S8KyGl8XfgWd4wNLN622wyb-jPfdRVJReRPt-WTB3Shx2fKi6E8ZMi7i_rgC6W8b09LOPMsGyd6iWS5rmmj-q8HGJieIGdEjfl2KATWb0o1EYlvXXLcrrQilL530TM_GBLYJmdwZPjIuwCWD_guzX2KNA-pBPUW7P4a6w8O6sb8ULalxeGbThvwn8_bkxpQgbPwQbTtjXlmEW9QNmfmhIgLLL0ohiIxZhURaVJDIAuA7fyLKMAfWiwvfsrsG_2yT0oU3aiR4N29s3ihRi4XkDS9A5qguO1uczBj607NkbZVXCwgY42cqORHOaQnVXVSpoEN9bcd1Odr9bYVWj1iLhP_DyYNS8iorHGDa5ywp0eR_PH5c_1ElwLCSLWip0jViS-e5eO3LyepQPe8LlLiHlIzVLi4D4SMMphWRj3F0AA44zu_wbc4KulIAtC8Nd_MxFwNWBJw9nl9P6pyGFH-rdho3ftTnt6hp0RqERlx7vx4Drgpf8K0hvQw9XXjxVBrq2Xh-gshXleqtXZ8T2VOegBxtD6sk_RhpN31h5gNw6m7eL5NtVzIaYzZYax6i67ep9GS_gCmObF6nhlE","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/autoupdate"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Vary","value":"accept-encoding"},{"key":"MiTrust-azure_instance_id-gateway","value":"2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6"},{"key":"MiTrust-git_sha1-gateway","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-azure_instance_id-datasharing","value":"2f82fcda71047f2cee039aca2508dd3ba4f1da517325421091357c6b28aa93c6"},{"key":"MiTrust-git_sha1-datasharing","value":"9045f8c9354fe15075a8d6a5f0bac90b4d18c003"},{"key":"MiTrust-spring-start","value":"2022-03-01T11:29:04.690716+01:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Date","value":"Tue, 01 Mar 2022 10:29:04 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"fail\",\n    \"http_status\": 400,\n    \"data\": {\n        \"error\": \"client_id mismatch\",\n        \"stack\": \"java.lang.IllegalArgumentException: client_id mismatch\\n\\tat io.mitrust.sp.mvc.ASpController.checkAuthenticatedUserIsClientId(ASpController.java:91)\\n\\tat io.mitrust.sp.mvc.headless.AutoupdateApiController.renewAutoupdateToken(AutoupdateApiController.java:86)\\n\\tat io.mitrust.sp.mvc.headless.AutoupdateApiController.renewToken(AutoupdateApiController.java:75)\\n\\tat java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)\\n\\tat java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)\\n\\tat java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)\\n\\tat java.base/java.lang.reflect.Method.invoke(Method.java:566)\\n\\tat org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)\\n\\tat org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)\\n\\tat org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)\\n\\tat org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)\\n\\tat org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067)\\n\\tat org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963)\\n\\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)\\n\\tat org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)\\n\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:681)\\n\\tat org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)\\n\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:764)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.security.azure.NoOpAADAuthenticationFilter.doFilterInternal(NoOpAADAuthenticationFilter.java:34)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.sentry.spring.SentryUserFilter.doFilterInternal(SentryUserFilter.java:56)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)\\n\\tat org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)\\n\\tat org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)\\n\\tat org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)\\n\\tat org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat io.mitrust.backend.account.anonymousflow.SfIdAuthenticationFilter.doFilter(SfIdAuthenticationFilter.java:103)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:182)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)\\n\\tat org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)\\n\\tat org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)\\n\\tat org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)\\n\\tat org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)\\n\\tat org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)\\n\\tat org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)\\n\\tat org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:142)\\n\\tat org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.cloud.sleuth.instrument.web.servlet.TracingFilter.doFilter(TracingFilter.java:68)\\n\\tat org.springframework.cloud.sleuth.autoconfig.instrument.web.TraceWebServletConfiguration$LazyTracingFilter.doFilter(TraceWebServletConfiguration.java:129)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.backend.mvc.MiTrustRobotFilter.doFilterInternal(MiTrustRobotFilter.java:45)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.mitrust.backend.mvc.MiTrustTechnicalFilter.doFilterInternal(MiTrustTechnicalFilter.java:109)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat io.sentry.spring.SentrySpringFilter.doFilterInternal(SentrySpringFilter.java:57)\\n\\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)\\n\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)\\n\\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)\\n\\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)\\n\\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)\\n\\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)\\n\\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)\\n\\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)\\n\\tat org.springframework.cloud.sleuth.instrument.web.tomcat.TraceValve.invoke(TraceValve.java:74)\\n\\tat org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:769)\\n\\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)\\n\\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)\\n\\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\\n\\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)\\n\\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732)\\n\\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\\n\\tat org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)\\n\\tat org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)\\n\\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\\n\\tat java.base/java.lang.Thread.run(Thread.java:829)\\n\"\n    }\n}"}],"_postman_id":"9342bf39-e7fb-40e8-87b0-3b407cc43121"},{"name":"DELETE headless session","event":[{"listen":"test","script":{"id":"8a9e1a1d-30c8-4d80-ba9a-fecd503a11c3","exec":["// Check there is an access_token\r","    var jsonData = pm.response.json();\r","pm.test(\"Check access_token\", function () {\r","    pm.expect(jsonData.status).equal('success')\r","});\r",""],"type":"text/javascript"}}],"id":"53b230e4-2ffc-46fd-828a-47efae2d49d5","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false,"disabledSystemHeaders":{}},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"access_token"}]},"isInherited":false},"method":"DELETE","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless?headless_session=headless_session","description":"<p>Once completed, you should acknowledged to good reception of data. By sending a DELETE request.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","headless"],"host":["sbx-app.m-itrust.com"],"query":[{"key":"headless_session","value":"headless_session"}],"variable":[]}},"response":[{"id":"7a30e4be-3927-448c-b45d-306763640ce4","name":"DELETE headless session SUCCESS","originalRequest":{"method":"DELETE","header":[{"key":"headless_session","name":"Content-Type","value":"headless_session","type":"text"}],"url":"https://sbx-app.m-itrust.com/v2/sp/headless"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"MiTrust-azure_instance_id","value":"<missing>"},{"key":"MiTrust-git_sha1","value":"d4b5a656e3685a27f311e9fd9c96bd07b3e5de34"},{"key":"Vary","value":"Origin"},{"key":"Vary","value":"Access-Control-Request-Method"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"MiTrust-spring-start","value":"2021-07-08T18:03:56.674513600+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Cache-Control","value":"no-cache, no-store, max-age=0, must-revalidate"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Date","value":"Thu, 08 Jul 2021 16:03:57 GMT"},{"key":"Keep-Alive","value":"timeout=60"},{"key":"Connection","value":"keep-alive"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"data\": {}\n}"}],"_postman_id":"53b230e4-2ffc-46fd-828a-47efae2d49d5"}],"id":"c5862121-2819-47bf-9272-0af343036e44","_postman_id":"c5862121-2819-47bf-9272-0af343036e44","description":""},{"name":"Browser Driven","item":[{"name":"v1 - Deprecated","item":[{"name":"{ Deprecated  } - Start sharing-flow v1","event":[{"listen":"test","script":{"id":"fcaa4ebe-6c97-4fbd-ae8f-bc834a3ff057","exec":["// MiTrust will redirect the User to the proper URL","pm.test(\"Redirect Url location\", function () {","    pm.response.to.have.header(\"Location\");","});"],"type":"text/javascript"}},{"listen":"prerequest","script":{"id":"0040fa4f-699d-41e8-81f9-e6deb8fcfae9","exec":[""],"type":"text/javascript"}}],"id":"7f86d399-3bea-4dcf-b8d2-acaa1f60c50e","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false},"request":{"auth":{"type":"noauth","isInherited":false},"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/data-sharing/v1/start-sharing-flow?client_id=sbx_MiTrust_Integration_Tutorial.gb&redirect_uri=https://www.example.com/redirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&scope=name address&response_type=code","description":"<p>{ deprecated } The old way to redirect the EndUser to start a sharing flow.\nIt would be better to implement the v2 version</p>\n","urlObject":{"protocol":"https","path":["data-sharing","v1","start-sharing-flow"],"host":["sbx-app.m-itrust.com"],"query":[{"description":{"content":"<p>Provided on application registration</p>\n","type":"text/plain"},"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The EndUser will be redirected to this URL.</p>\n<p>You have to properly encode the parameters (especially the scope and redirectUri). In Javascript, you should rely on encodeURIComponent</p>\n","type":"text/plain"},"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust"},{"description":{"content":"<p>A value supposed to be unique per flow. It will be provided back at the end of the sharing-flow. Not generated on each call in Postman as later call (e.g. to fetch the access_token) shall rely on the samle value</p>\n","type":"text/plain"},"key":"state","value":"postman-sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The scope describes the data requested to be shared in given sharing-flow</p>\n","type":"text/plain"},"key":"scope","value":"name address"},{"key":"response_type","value":"code"}],"variable":[]}},"response":[],"_postman_id":"7f86d399-3bea-4dcf-b8d2-acaa1f60c50e"}],"id":"a32f5f4c-4718-4ffc-88ca-3b23bbc6dcbf","_postman_id":"a32f5f4c-4718-4ffc-88ca-3b23bbc6dcbf","description":""},{"name":"Start sharing-flow v2","event":[{"listen":"test","script":{"id":"00357286-78c1-47b9-bf09-76607ac8ad45","exec":["// MiTrust will redirect the User to the proper URL","pm.test(\"Redirect Url location\", function () {","    console.log(pm.response)","    pm.response.to.have.header(\"Location\");","});"],"type":"text/javascript"}},{"listen":"prerequest","script":{"id":"a624bcf1-4472-4f91-a98f-4a97dc3bebaa","exec":[""],"type":"text/javascript"}}],"id":"5207ba82-81a4-431c-aafd-d34903c9b241","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false},"request":{"auth":{"type":"noauth","isInherited":false},"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/v2/sp/sharingflow/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&redirect_uri=https://www.example.com/redirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&scope=name address&response_type=code","description":"<p>A typical URL to redirect the EndUser to start a sharing flow.</p>\n","urlObject":{"protocol":"https","path":["v2","sp","sharingflow","start"],"host":["sbx-app.m-itrust.com"],"query":[{"description":{"content":"<p>Provided on application registration</p>\n","type":"text/plain"},"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The EndUser will be redirected to this URL.</p>\n<p>You have to properly encode the parameters (especially the scope and redirectUri). In Javascript, you should rely on encodeURIComponent</p>\n","type":"text/plain"},"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust"},{"description":{"content":"<p>A value supposed to be unique per flow. It will be provided back at the end of the sharing-flow. Not generated on each call in Postman as later call (e.g. to fetch the access_token) shall rely on the samle value</p>\n","type":"text/plain"},"key":"state","value":"postman-sbx_MiTrust_Integration_Tutorial.gb"},{"description":{"content":"<p>The scope describes the data requested to be shared in given sharing-flow</p>\n","type":"text/plain"},"key":"scope","value":"name address"},{"key":"response_type","value":"code"}],"variable":[]}},"response":[{"id":"f22c154f-7f33-4650-9919-afef8c5de5da","name":"Start sharing-flow v2","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://sbx-app.m-itrust.com/v2/sp/sharingflow/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&redirect_uri=https://www.example.com/redirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&scope=name address&response_type=code","protocol":"https","host":["sbx-app.m-itrust.com"],"path":["v2","sp","sharingflow","start"],"query":[{"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb","description":"Provided on application registration"},{"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust","description":"The EndUser will be redirected to this URL.\n\nYou have to properly encode the parameters (especially the scope and redirectUri). In Javascript, you should rely on encodeURIComponent"},{"key":"state","value":"postman-sbx_MiTrust_Integration_Tutorial.gb","description":"A value supposed to be unique per flow. It will be provided back at the end of the sharing-flow. Not generated on each call in Postman as later call (e.g. to fetch the access_token) shall rely on the samle value"},{"key":"scope","value":"name address","description":"The scope describes the data requested to be shared in given sharing-flow"},{"key":"response_type","value":"code"}]}},"status":"Found","code":302,"_postman_previewlanguage":"plain","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Expires","value":"0"},{"key":"Location","value":"/#/sharing/start?client_id=sbx_MiTrust_Integration_Tutorial.gb&scope=name%20address&redirect_uri=https%3A%2F%2Fwww.example.com%2Fredirect_from_mitrust&state=postman-sbx_MiTrust_Integration_Tutorial.gb&language=en&sharing_flow_id=d21aaa71-d43b-42d0-b3f2-1ccc35369b8b"},{"key":"Vary","value":"Access-Control-Request-Headers"},{"key":"Server","value":"Kestrel"},{"key":"MiTrust-git_sha1-datasharing","value":"4816f34ba034adbb3b97ee1a9270d127b1df6d92"},{"key":"MiTrust-azure_instance_id-datasharing","value":"f6ac135c52b048d91b92cc79c27b985ddd7ffd33d5b3fa221fdb235825d7cb12"},{"key":"MiTrust-spring-start","value":"2021-07-16T17:39:13.100350+02:00"},{"key":"MiTrust-spring-end","value":"2021-07-16T17:39:13.260488+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Date","value":"Fri, 16 Jul 2021 15:39:12 GMT"},{"key":"Content-Length","value":"0"}],"cookie":[],"responseTime":null,"body":null}],"_postman_id":"5207ba82-81a4-431c-aafd-d34903c9b241"},{"name":"Convert authorization-code to access-token","event":[{"listen":"test","script":{"id":"6b1d9990-64e3-4464-a0be-4262f43d7b86","exec":["// Check there is an access_token\r","pm.test(\"Check no error\", function () {\r","    var jsonData = pm.response.json();\r","    // Typically happens if authorization code has already been turned into access_token\r","    pm.expect(jsonData.error).not.equal(\"invalid_grant\");\r","});\r","\r","// Check there is an access_token\r","pm.test(\"Check access_token\", function () {\r","    var jsonData = pm.response.json();\r","    pm.collectionVariables.set(\"converted_access_token\", jsonData.access_token);\r","    pm.expect(jsonData.access_token).to.be.a('string');\r","    pm.expect(jsonData.token_type).equal(\"bearer\");\r","    pm.expect(jsonData.expires_in).to.be.a('number');\r","    \r","});"],"type":"text/javascript"}}],"id":"6f81ebb1-5a85-4521-ab36-ca694caa0044","protocolProfileBehavior":{"disableBodyPruning":true,"followRedirects":false},"request":{"auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"key":"password","value":"clientSecretProvidedByMiTrust"}]},"isInherited":false},"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text"}],"body":{"mode":"urlencoded","urlencoded":[{"description":"<p>The code available as a query parameters to which the EndUser has been redirected</p>\n","key":"code","type":"text","value":"m2N2Dv"},{"description":"<p>The redirect_uri configured at the beginning of the flow</p>\n","key":"redirect_uri","type":"text","value":"https://www.example.com/redirect_from_mitrust"},{"description":"<p>This is a hardcoded value: do not edit it</p>\n","key":"grant_type","type":"text","value":"authorization_code"}]},"url":"https://sbx-app.m-itrust.com/oauth/token?code=LDRfc7w5myk5dUfQ6oc4P7jaa0QBSr7h&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fwww.example.com%2Foauth2%2Fredirect_from_mitrust","description":"<p>Once you've been redirected after having completed the sharing part. You will have an <code>authorization_code</code> that will require a conversion to an access_token.</p>\n","urlObject":{"protocol":"https","path":["oauth","token"],"host":["sbx-app.m-itrust.com"],"query":[{"key":"code","value":"LDRfc7w5myk5dUfQ6oc4P7jaa0QBSr7h"},{"key":"grant_type","value":"authorization_code"},{"key":"redirect_uri","value":"https%3A%2F%2Fwww.example.com%2Foauth2%2Fredirect_from_mitrust"}],"variable":[]}},"response":[{"id":"1be88159-9075-4388-91e5-e45fd3005292","name":"Convert authorization-code to access-token","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text"}],"body":{"mode":"urlencoded","urlencoded":[{"description":"The code available as a query parameters to which the EndUser has been redirected","key":"code","type":"text","value":"tBGD9A"},{"description":"The redirect_uri configured at the beginning of the flow","key":"redirect_uri","type":"text","value":"https://www.example.com/redirect_from_mitrust"},{"description":"This is a hardcoded value: do not edit it","key":"grant_type","type":"text","value":"authorization_code"}]},"url":"https://sbx-app.m-itrust.com/oauth/token"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json; charset=UTF-8"},{"key":"Content-Encoding","value":"gzip"},{"key":"Vary","value":"accept-encoding"},{"key":"Server","value":"Kestrel"},{"key":"MiTrust-git_sha1-datasharing","value":"4816f34ba034adbb3b97ee1a9270d127b1df6d92"},{"key":"MiTrust-azure_instance_id-datasharing","value":"f6ac135c52b048d91b92cc79c27b985ddd7ffd33d5b3fa221fdb235825d7cb12"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Date","value":"Fri, 16 Jul 2021 16:54:26 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"access_token\": \"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsib2F1dGgyLXJlc291cmNlIl0sInVzZXJfbmFtZSI6ImQ3ZjQzNjViLTdjNmMtNDg0YS05YzdlLTE1ZTRiYzg2YmIzZCIsInNjb3BlIjpbImFkZHJlc3MiLCJuYW1lIl0sImV4cCI6MTYyNjQ1ODA2NywiYXV0aG9yaXRpZXMiOlsiUk9MRV9UUkFOU0lFTlQiXSwianRpIjoiVFNYcEY4U0R4YUxVbmJwS2ZCT2VWMmpCN0RNIiwiY2xpZW50X2lkIjoic2J4X01pVHJ1c3RfSW50ZWdyYXRpb25fVHV0b3JpYWwuZ2IifQ.U1sJXqroAGpSSq9q5XCLwG8AjTRi5_dG6oc6vNhi3guiAke-dbLAMuWB5u4UaJhr9orQqSlSLPGHYcNIWhHWqhIfHRtJ81BH848M3DNbN0x4wn6C_qg_6fB48o3bWTCZFm5q5i_nyET5dhtPztmDXIbBFikB4klbtLolSqUzRVqDEcHESQS0yTAKCQcJ7HdDQF3ABZCdW69Z46sHFTFoyyJV5OSmiklH6ZbEQdrw1VxpYRP6P9od3FXbFYe0dPRx5NPxYvBSse4T2ue02mhb-WhYNxInKcfeWWHCYHVexir2gWcvU86mOVUoS13IWvlKC8XI8mkrtRa0YGY-Kca5JQ\",\n    \"token_type\": \"bearer\",\n    \"expires_in\": 3599,\n    \"scope\": \"address name\",\n    \"jti\": \"TSXpF8SDxaLUnbpKfBOeV2jB7DM\"\n}"}],"_postman_id":"6f81ebb1-5a85-4521-ab36-ca694caa0044"},{"name":"Get user_Info","event":[{"listen":"test","script":{"id":"a3b6717b-4c01-42d3-8d1f-2977d9e05d7e","exec":["// Check there is user info data\r","var jsonData = pm.response.json();\r","pm.test(\"Check user info data\", function () {\r","    pm.collectionVariables.set(\"headless_token\", jsonData.data.autoupdate.access_token_wrapper.access_token);\r","        pm.expect(jsonData.data.user_info).to.be.json;\r","    pm.expect(jsonData.data.post_processed).to.be.json\r","});\r","\r","\r","    "],"type":"text/javascript","packages":{},"requests":{}}}],"id":"5a6ace1e-399f-4658-9d0e-dc66fd482369","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"bearer","bearer":{"basicConfig":[{"key":"token","value":"converted_access_token"}]},"isInherited":false},"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/user_data/v1/userinfo","description":"<p>Get info from the back end using <code>/userinfo</code> with your access_token.</p>\n","urlObject":{"protocol":"https","path":["user_data","v1","userinfo"],"host":["sbx-app.m-itrust.com"],"query":[],"variable":[]}},"response":[{"id":"67907453-d980-4690-a8c7-4790d89235e2","name":"Get user_Info","originalRequest":{"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/user_data/v1/userinfo"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Vary","value":"accept-encoding"},{"key":"Server","value":"Kestrel"},{"key":"MiTrust-git_sha1-datasharing","value":"4816f34ba034adbb3b97ee1a9270d127b1df6d92"},{"key":"MiTrust-azure_instance_id-datasharing","value":"f6ac135c52b048d91b92cc79c27b985ddd7ffd33d5b3fa221fdb235825d7cb12"},{"key":"X-Frame-Options","value":"DENY"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"MiTrust-spring-start","value":"2021-07-16T18:55:02.738581+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Date","value":"Fri, 16 Jul 2021 16:55:02 GMT"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"message\": \"These user_info have been popped out from our systems.\",\n    \"data\": {\n        \"user_info\": {\n            \"address\": {\n                \"formatted\": \"53 route de la Reine 92100 Boulogne\"\n            },\n            \"name\": \"Mr Benoit Lacelle\"\n        },\n        \"post_processed\": {},\n        \"links\": [\n            {\n                \"rel\": \"self\",\n                \"href\": \"https://sbx-app.m-itrust.com/v2/sp/userinfo\"\n            }\n        ],\n        \"user_consent\": {\n            \"jwe\": \"eyJraWQiOiJLRlpxTUp0Y2p2WGc3RVNEU3dtOG1nSmJLcTVDdmRMaG9EUDl0a2UydWdJIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..FwCMiHYvzrozS_I5.b4my-Lb8RIZ3nR1direPe1BTlsVPlq84ISS1UXWeo-vxnxhMdLtEMtmOKW8-TnbzEzewin2sch0WnXVJmhpTdOxpqYImau-mfiGvcpgdN4UFFNDwxUYsyO-703NsnrnYVVQIfD-RPef9-xCohXIEfoMrhjZ24GHMH2p3DX2LA7vj2dyMKp6-1XYOLm8yDKBbcLTUxcu3_tW4weRz5HlVPDFsHrTiFH3plsR1TZLeWUJtcXsekhMc3z8HwaFBruD-Y7U.5-MlPhZUldpf0EkgyNtiag\",\n            \"links\": [\n                {\n                    \"rel\": \"self\",\n                    \"href\": \"https://sbx-app.m-itrust.com/service_provider/v1/userconsent\"\n                }\n            ]\n        }\n    }\n}"},{"id":"4fe9baab-89f9-48e6-a8a9-716f5fcfa6e2","name":"Get user_Info with Autoupdate token","originalRequest":{"method":"GET","header":[],"url":"https://sbx-app.m-itrust.com/user_data/v1/userinfo"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json"},{"key":"Date","value":"Thu, 21 Jul 2022 08:51:13 GMT"},{"key":"Cache-Control","value":"no-store, must-revalidate, no-cache, max-age=0"},{"key":"Content-Encoding","value":"gzip"},{"key":"Expires","value":"0"},{"key":"Pragma","value":"no-cache"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Vary","value":"accept-encoding"},{"key":"Referrer-Policy","value":"no-referrer"},{"key":"Content-Security-Policy","value":"default-src 'self' https: blob:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'"},{"key":"X-Download-Options","value":"noopen"},{"key":"X-Permitted-Cross-Domain-Policies","value":"none"},{"key":"Permissions-Policy","value":"accelerometer=(),ambient-light-sensor=(),attribution-reporting=(),autoplay=(),battery=(),camera=(\"https://id.ubble.ai\" self),clipboard-read=(),clipboard-write=(self),conversion-measurement=(),cross-origin-isolated=(),direct-sockets=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),focus-without-user-activation=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),interest-cohort=(),magnetometer=(),microphone=(),midi=(),navigation-override=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),shared-autofill=(),speaker-selection=(),storage-access-api=(),sync-script=(),sync-xhr=(),trust-token-redemption=(),usb=(),vertical-scroll=(),wake-lock=(),web-share=(),window-placement=(),xr-spatial-tracking=()"},{"key":"MiTrust-azure_instance_id-gateway","value":"7bf5a65c9ab6652b7e960fdced88dd5501d933c0715fe792714d5d958b2e56fd"},{"key":"MiTrust-git_sha1-gateway","value":"a8c1ab10eb04a8092802abaceaf58177410567e7"},{"key":"MiTrust-azure_instance_id-datasharing","value":"7bf5a65c9ab6652b7e960fdced88dd5501d933c0715fe792714d5d958b2e56fd"},{"key":"MiTrust-git_sha1-datasharing","value":"a8c1ab10eb04a8092802abaceaf58177410567e7"},{"key":"MiTrust-spring-start","value":"2022-07-21T10:51:13.097790614+02:00"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"Strict-Transport-Security","value":"max-age=31536000 ; includeSubDomains"},{"key":"X-Frame-Options","value":"DENY"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"message\": \"These user_info have been popped out from our systems.\",\n    \"data\": {\n        \"user_info\": {\n            \"name\": \"some_name\"\n        },\n        \"post_processed\": {},\n        \"links\": [\n            {\n                \"rel\": \"self\",\n                \"href\": \"https://sbx-app.m-itrust.com/v2/sp/userinfo\"\n            }\n        ],\n        \"user_consent\": {\n            \"jwe\": \"eyJraWQiOiJLRlpxTUp0Y2p2WGc3RVNEU3dtOG1nSmJLcTVDdmRMaG9EUDl0a2UydWdJIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..WheEdZAsgAgd6n3x.__EUQ-MprC7gY237vOFkmV6zQ6Bj8teKoppwZZu_whewXSc6DR_sCRMCTWlBtxo6LFsoOZOQZ6YHM6_dYVr0xF0nM0qZq_1chH-ozXcI70_rZAtnks4f9jOCdDiTZH5CY3CF28PkpNX4zDOXdh3wCj1lX8FLi80LWOQLtTpjAL4gFeYvo590bRQw679w3HWj4aTeQzK0aqJHtnN_1TyO08cUyTJGWiHPkEKy5ikWdlj52zHqwHJDQJjJHybw_d9XvUEA97R1hJ1MbZstKg8R0laJXZP2Xv4nLxXS0Qo.X-1OpkhUxrPZANYc_nH1qA\",\n            \"links\": [\n                {\n                    \"rel\": \"self\",\n                    \"href\": \"https://sbx-app.m-itrust.com/v2/sp/userinfo/signature/userconsent\"\n                }\n            ]\n        },\n        \"autoupdate\": {\n            \"access_token_wrapper\": {\n                \"token_type\": \"headless\",\n                \"access_token\": \"eyJhbGciOiJQUzUxMiJ9.eyJhdWQiOiJzYnhfTWlUcnVzdF9JbnRlZ3JhdGlvbl9UdXRvcmlhbC5nYiIsInN1YiI6Ijc1ZGMwMmRjLTAzOWEtNGM5ZS1hZWQwLTQ0ZjA3OGFmYjBmMiIsImlzcyI6Imh0dHBzOlwvXC9zYngtYXBwLm0taXRydXN0LmNvbSIsImp3ZSI6ImV5SnJhV1FpT2lKb1pXRmtiR1Z6Y3kxMGRYUnZjbWxoYkZ3dllUaGxaREU1WW1ZMk0yWTVORFkxTURnNE0yRmxPV05tTmpSbE5ERXdaV01pTENKbGJtTWlPaUpCTWpVMlEwSkRMVWhUTlRFeUlpd2lZV3huSWpvaVVsTkJMVTlCUlZBdE1qVTJJbjAuM2F0aHV6R3BvQnNiNndveGpVT09kb1FwZk9vcUJaQ1I0UE9xdC10UTl1LVdOVi1KZVJIczRmY3Nic0hjWjJUZzl2OUtnSnVsR1ZKNnFOaVpxWXZQWFVvOVhWZDAwT3Q4dVdQa2dJZWJSeE5qc2ZJaTZnWHoxZ0RJTGpxZ1I0cnQzVl9VbjdZZTZqWEQ0U0VCSndBQk1BVVk4a3BjaFZDbjlNR09fWjhhaE9RWTA5c2YyQzdMWWRibFJmQ1d2LWcxbUpDWXkxZ2F4RDQyb3VhZm8xM3Vvb1FCbE84b1h0YVZFb3AxdmZLV1JMQU52RXFRbk9wQVN2TjVNbThwLVhwbTJ5SV9jYno3UFVxN1g4bk9IOGxEdWJITGhYTTRHalNEOFZ5NzR3SHhnRm9JdkJsZk9oajRkMXR3U1ZMMDVpMm8wcnVyZUMydlNQb3hyQnRQd3luTWF1LTc5QV9yeWFjUDlBVGpyZ1lIc2ZLNmxic3BwbTZKdHVWZm1ueWpBRDFyM3R2TkV2R0dDMV9RcGpKOVF5ODBIaVViVjlhbElCeEVYRjZNTERrcTk5Y3RBOWVsdXVYbFNsRWw5dXJjTlA1dWktUXJ0YUVZMkhHaC0zU0Vvd1hISF80VDJFeVBjVUE4UnJ2NllaN3FKRXZBclhSY2t3aWFBSjNHb0d3RHJ1NHB1N0FmVFFiREt3a19TMnl3Yno3VkZTWGxKVUwwNmFJc0ZPM29YLUxSTXFwelg2Zkd4N3NsUEdmNTJWMkhId09GMWpPcjhZdks1X2szU1JNVDNwTnF6RmJ4WW5nNXBYVmNBT1pTbktsUkl0VmNPV3BuS0Iwc1l3am5RbEVRT2dnY09xb2ZWeVIxMkctNlh5dzE2NkNUM0xfb1k1VVpGY01vUXFyY0xjWkNtUTAuRlNxTUlHNXA4VTRqUG0yWVgtSW9fdy5IeTlsdnVlX1Q2VVRhSTNxclgxOGdKcmtsU2lqQjBxbktTbEkwUEhLLVpIZjJhQlJhY2doSUZ6eVhSeXN3VkhEN1NuNVZMVkR4SW5YMDJyUkRsUUNyVjNLSW0xRkNZazVPenR3azhZdHdsbF9WN0JNVkVlbEtFUDc1WXphU21td1FDck1pbFBxeTZ3U25vNjVCNllDUTNmV29aeXN6X19iV3Z1YzNBMVROTHFxU0Jfcm8xbnVuVVRGREtYalF4a3RZOEZjcm1XaGpFYUtMSmxXY3E3ZENQLWVIUml5T1NOdFpFbnk2d2NmRk9iRmV3Y2tEVnNXQnhINW9lZFVKTUtnTlZHdktjTDMydDZJbXdvZnBrUWZMVnRlcUtlZlFTaEYxc0xGYUpua3pmWEItbmdadk51dm9LMVdkVlZROGhDek5RMG5QUkFnbHB4N2xNQUg3b1NoaVd6Q284Rm41V2lEQm9NX1NiRFpXMDZYemJpcF9wdzNkVFRyeUsyY2JSOVRJOXFhZ1ZFN2Z0eVA2dkZhUzdscThwclh1SlJNamhfS0UyblZ4OG5vbWstbE5PM2IwREowdnQ2REFPb0tKcHJOX0RKenhQZlNfdTF6M1BtRU5GeW85M0ZSRkNJRjloTWdqNll6UlZGbGdLMC4xWFFrOWRHdWwxRWx5ZDl0MlJUZzdqS2RfMVFVVkJ0TG56OVN0VVlUNUljIiwiZXhwIjoxNjY2MTY5NDczLCJpYXQiOjE2NTgzOTM0NzMsInZlcnNpb24iOiIzIn0.duqj1A_i1oxfUElaOxjgor2ItYCay_TUBJpXHCL9KX5bJT1Acq9qgD9--8qiZWFT1VZQDdasJMNsAuOuuICSk14PXOnn1EZIPNi1j2FHyweMDQUCIqJFyaimllymMuDI4Asb3FlfOH9AnxD0An68m6hFy5pf4KZt_yj2bvfRitQwkyMNxY2RBuyOifeE0Ct4PsjbOj1GgpSZSDpiWltNLa1AEixUuK7Eg4Zk3esh918nOPEJI2SVj-ip4C9AcQIanBP1l29FBAXogmEu-SV9bpcSAReRtfSJhpPDPT0BTHjUZMfZEPBg9UZatOpNc6Dc6umzQCNAbubcSlFKTMMbvQXwlEPhe8Y_EUxPt2JywHveXJ_c3jVKyKha0p0uP2NSiDYj5SlitwSBVtHsDSctxV8en8N05FYbI7PP7vPkxc1V3pHIurPm29MHobNml5oYutf5_0wR8hSXTc8dM-Fb19rcERW2bEgDrj4UXIg5ExEnzV5uqyX3zBYA3bkyfbv448BpNG8o0MpyPaXAgy9O2rJujEPk_K1Mcw9Hky8rpM9i2zvNu0OV81gfNfJ7r3b6Cqoa2brnJwhpdmMCQ7p4QD62Dk4MU8ndwwJQqBLMtz8acBEKlRl2PA2sfSTCQN3eCl9_7uTnZ2D5WlQUVciU1IygmI4wyqGNDIgBUJTMqAM\",\n                \"expires_in\": 7776000,\n                \"links\": [\n                    {\n                        \"rel\": \"self\",\n                        \"href\": \"https://sbx-app.m-itrust.com/v2/sp/headless\"\n                    }\n                ]\n            }\n        }\n    }\n}"}],"_postman_id":"5a6ace1e-399f-4658-9d0e-dc66fd482369"}],"id":"ba61d986-0af4-42e8-b2d5-5adad76473ca","_postman_id":"ba61d986-0af4-42e8-b2d5-5adad76473ca","description":""}],"event":[{"listen":"prerequest","script":{"id":"585dacf5-e133-444c-b7ae-28be590808dc","type":"text/javascript","exec":["// https://stackoverflow.com/questions/43611238/url-encode-postman-variable","// CTL + ALT + C to open Postman console","// Variables are Collection variables","// Environment are Environment variables","var redirectUri = pm.variables.get(\"redirect_uri\") || pm.environment.get(\"redirect_uri\");","console.log(\"redirect_uri\", redirectUri);","var encodedRedirectUri = encodeURIComponent(redirectUri);","","console.log(\"encoded_redirect_uri\", encodedRedirectUri);","// We prefer to edit the Environment than the Collection","pm.environment.set(\"encoded_redirect_uri\", encodedRedirectUri);","","var scope = pm.variables.get(\"scope\") || pm.environment.get(\"scope\");","console.log(\"scope\", scope);","var encodedScope = encodeURIComponent(scope);","","console.log(\"encoded_scope\", encodedScope);","// We prefer to edit the Environment than the Collection","pm.environment.set(\"encoded_scope\", encodedScope);"]}},{"listen":"test","script":{"id":"66893214-6db9-410b-a057-48dcdbda0b57","type":"text/javascript","exec":[""]}}],"variable":[{"key":"mitrust_domain","value":"sbx-app.m-itrust.com"},{"key":"client_id","value":"sbx_MiTrust_Integration_Tutorial.gb"},{"key":"client_secret","value":"clientSecretProvidedByMiTrust"},{"key":"redirect_uri","value":"https://www.example.com/redirect_from_mitrust"},{"key":"scope","value":"name address"},{"key":"encoded_redirect_uri","value":"https%3A%2F%2Fwww.example.com%2Foauth2%2Fredirect_from_mitrust"},{"key":"encoded_scope","value":"name address"},{"key":"converted_access_token","value":"converted_access_token"},{"key":"protocol","value":"https"},{"key":"headless-grant_type","value":"client_credentials"},{"key":"basic_access_token-headless","value":"access_token"},{"key":"company.registration_number","value":"123456789"},{"key":"headless_token","value":"headless_token"},{"key":"headless_session","value":"headless_session"},{"key":"country","value":"GB"}]}