Human Capital Management Blogs by Members
Gain valuable knowledge and tips on SAP SuccessFactors HCM suite and human capital management market from member blog posts. Share your insights with a post of your own.
Showing results for 
Search instead for 
Did you mean: 
Active Participant
SuccessFactors consultants and developers are often using the /oauth/idp endpoint the generate the assertion and consequently use the assertion in an additional request to obtain an access token.

This endpoint is now deprecated and will be removed in the near future. It's good to point out that although Postman supports many flavours of OAuth, it does not support the OAuth 2.0 SAML bearer assertion flow that is used by SAP SuccessFactors HXM Suite.

Let's look at some alternatives:

I decided to find and eventually develop a solution that could work for Postman and in general help me to manage the required SAML assertion keys.

Let me introduce you to 'sf-oauth' 🪄

It's a cross-platform cli utility featuring:

  • Generate a new key pair

  • Check certificate validity

  • Generate assertion (and validate)

  • Run a local web service to generate an assertion and provide access tokens

  • Integrate with a Postman OAuth flow to obtain an access token

    • Indirect: Automatically opening your browser to enter a user ID and returning to Postman

    • Direct: when a userId is provided in the request to the local web service, a valid access token is immediately returned to Postman

To get going, please take a look at the documentation on the homepage: sf-oauth (

Here is a sneak peak on how effortless your API testing will become in Postman using this utility:

Labels in this area