JWT and oAuth 2.0

The following questions might be trivial to some but I am pretty lost here. Any help is appreciated.

How do I get JWT tokens to be used for oAuth? I did check jwt.io but the instructions were not very clear.
Can I use Postman to create JWT tokens to be used on Vectara?
How do I get the OAuth 2.0 token endpoint?
Where do I get the Bearer token?

Hi, you can view our documentation on how to retrieve the token here.

We support the “client credentials grant” OAuth flow. This means you can get a token domain, client id, and client secret in the console. Let me know if the documentation isn’t clear, and I’d love to help. Most OAuth libraries should support the client credentials flow.

1 Like

Yes, I would appreciate further guidance and support in getting this done. The documentation is clear, but I am a novice and I’m having a tough time with this.

I’m not terribly familiar with the Postman UI, but unfortunately, I don’t think it specifically has a flow built into the UI for getting the bearer token. A few options I’d suggest:

  1. If you’re just interested in running a few requests to test with, just go to the console, navigate to a corpus of your choosing (it doesn’t matter which), run a search of your choosing (it doesn’t matter what), and click on Copy request and then select Copy as cURL (POSIX). Paste what gets copied into some text editor, and you’ll see it has curl -X POST -H "Authorization: Bearer ey...". That string starting with ey and continuing onto the double quotes will be a JWT token (which you could paste into jwt.io to examine if you like but you won’t need to). For security purposes, that token expires every hour, so it’s not good for actual development in longer term, but it can get you over a hurdle to testing in Postman or another API platform of your choosing
  2. If you’re on a Mac, you can open a terminal and paste in curl -XPOST -H "Content-type: application/x-www-form-urlencoded" -d "grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET" https://vectara-prod-YOUR_VECTARA_ID.auth.us-west-2.amazoncognito.com/oauth2/token. Swap out YOUR_CLIENT_ID, YOUR_CLIENT_SECRET, and YOUR_VECTARA_ID with the variables as described in the Vectara documentation. The curl command will return a JSON object and the access_token contained there is the JWT token you need to add. Again, these tokens expire every hour
  3. If you want to use an API platform, I know Insomnia has a UI flow to get OAuth2 bearer tokens:
  4. Ultimately, in an application context, you’ll want to get these things programmatically, which the docs have examples for

Great, this helps. Thank you!