Examine the Returned Access Token

After you sign on using Postman, the next step is to examine the returned JSON Web Token (JWT) access token using the JWT token analyzer.
Copy the Access Token returned from Postman and paste the token into the analyzer at https://jwt.io.
Review the Payload portion of the token. For example:
  • A valid signing algorithm is expected, for example, RS256.
  • The aud field contains the correct identifier.
  • The identifier in the token must match the Relying Party Identifier stated in the Standalone Web API in the Application Group.
  • The Claims Issuance examines the token contents, so the Claims can use the UPN. The Name is not included in the token, so it is not used or needed in this definition. If other elements are available, the Claims can be refined with those token elements.
This process is also helpful in the Profile Manager environment to identify token elements used to determine User Profile assignment.
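The same checks can be run locally, so the access token does not have to be pasted into a website. The following is an added example, not part of the original procedure: it decodes the token header and payload for inspection only (the signature is not verified) and reports the algorithm, aud, and UPN checks listed above. The claim key upn, the function names, and all example.test values are assumptions made for illustration.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def inspect_token(token: str, expected_aud: str, allowed_algs=("RS256",)):
    """Decode header and payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three segments: header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    findings = []
    if header.get("alg") not in allowed_algs:
        findings.append(f"unexpected alg: {header.get('alg')!r}")
    aud = payload.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    if expected_aud not in audiences:
        findings.append(f"aud {aud!r} does not match {expected_aud!r}")
    if "upn" not in payload:  # assumed claim key for the UPN
        findings.append("no upn claim available for the claims definition")
    return header, payload, findings

def make_sample(alg: str, aud: str, with_upn: bool = True) -> str:
    # Constructed token with a dummy signature, for demonstration only.
    claims = {"aud": aud, "iss": "https://sts.example.test"}
    if with_upn:
        claims["upn"] = "jdoe@example.test"
    segments = [json.dumps({"typ": "JWT", "alg": alg}).encode(),
                json.dumps(claims).encode(),
                b"dummy-signature"]
    return ".".join(b64url_encode(s) for s in segments)

if __name__ == "__main__":
    RP_ID = "https://webapi.example.test"  # placeholder Relying Party Identifier
    samples = (make_sample("RS256", RP_ID),
               make_sample("none", "https://other.example.test", with_upn=False))
    for tok in samples:
        _, payload, findings = inspect_token(tok, RP_ID)
        print(sorted(payload), findings or "OK")
```

Replace the constructed sample with the token copied from Postman and set the expected audience to the Relying Party Identifier configured for the Web API.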