getting login acess_token with auth0 to postman

I created an app in Go that includes https server with angular2 based client that uses auth0 for authentication,
I have another app written in Go which is the API Server, this API Server has jwt middleware configured for auth0 at explained at https://auth0.com/docs/quickstart/backend/golang.

now... I want to use postman to test requests o my API Server but first I need to authenticate. how do I add authentication to my website to get an access token or something to forward with my API request?

I read the docs but I got really confused.
any information regarding the issue would be greatly appreciated.

Using Postman Mac App 4.4.2

thanks!

update

so I installed Authentication API Collections on my Postman Mac App while being logged in to my auth0 account.

now I'm trying to get an access token to be used with the authentication header while posting to my Api Server.

I don't know which method I should use in the collection in order to get an access token.

It's quite interesting and tricky at the same time

First you need to get the token from Auth0 using Postman, remember you can get any info from App Settings in Auth0

In above picture, you see id_token and access_token. The trick here is to use Id_token to send with your requests, not Access_token. Do it as follow:

As you can see, for any request sending to API, we need to add a header called Authorization with value="Bearer {id_token}". Boom...Job's done Hope it helps

Here are a few approaches to test JWT-based APIs: https://auth0.com/docs/local-testing-and-development#client-side-applications-and-jwt

> # Client-side applications and JWT
>
> This is usually the easiest scenario to test. One of the benefits of
> JSON Web Tokens is that they are stateless, which means that an
> application that consumes them only cares about the JWT's contents and
> not any previous state such as a session cookie.
>
> There are mainly three approaches to obtaining JWTs for testing:
>
> 1. Manually generate a JWT with the needed data, and sign it with your
> Auth0 application's client secret. If you omit the exp claim from a
> token, most JWT libraries will interpret it as a token which never
> expires, though it's possible some libraries might reject it. The
> benefit of this approach is that it does not require Internet access
> or intervention from Auth0 at all.
>
> 2. Create a dummy user in a database connection, and programatically log
> in with this user through the resource owner endpoint. In order to get
> a JWT back, make sure to set the correct scope value. The benefit of
> this approach is that it will execute any rules that you have
> configured on your Auth0 account.
>
> 3. Use a browser bot (e.g. Selenium) which logs a dummy user in and
> retrieves a JWT. This approach may take some effort to develop and
> maintain, but it will also execute any redirection rules or MFA prompts that you have configured on your Auth0 account.

I found a tutorial on youtube on how to use postman to login with username and password credentials to a DB Connection.

https://www.youtube.com/watch?v=VDUzBn6SzIY

so I installed the Auth0 Authentication API collection, and opened DB Connections -> Login using username and password.

so I saved the post request with the relevant params (client_id,userame,password,connection) and I just use it first to get the access token, and then paste it to Authorization header in order to fetch information from the Api Server.