@baseUrl = http://localhost:8101/api/v1 # Paste tokens here after running "OAuth callback" request below @accessToken = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiYWxpbm1lLXdlYiJdLCJleHAiOjE3NzIyNzQwMzgsImlhdCI6MTc3MjE4NzYzOCwiaXNzIjoiYWxpbm1lLXNlcnZlciIsInN1YiI6ImVkMDkyYjI2LTlhODQtNDI0YS05MTMyLTkzODg5Yzg2NzE3YyJ9.aMpaoXVb5t0ChT4mBGpoxE4F7DhPq6Olyf5AdrsA0rE @refreshToken = ### ============================================ ### OAuth Mock Login Flow ### Prerequisites: mock-oauth running (make mock-oauth) + oauth.mock.enabled=true in config ### ============================================ ### 1. Get OAuth redirect URL (for mock provider) ### User would visit this URL → mock login page → redirect to frontend with code # @name oauth_redirect_url POST {{baseUrl}}/auth/oauth/redirect-url Content-Type: application/json { "provider": "Mock" } ### 2. OAuth callback - exchange code for tokens ### Mock server always returns code: mock_auth_code_12345 (no browser needed) ### Run this after step 1, then paste access_token and refresh_token into variables above for steps 3-4 # @name oauth_callback POST {{baseUrl}}/auth/oauth/callback Content-Type: application/json { "provider": "mock", "code": "mock_auth_code_12345" } ### ============================================ ### Protected endpoints (use token from above) ### ============================================ ### 3. Get user info (requires auth) GET {{baseUrl}}/account/info Authorization: Bearer {{accessToken}} ### 4. Setup profile (for new users - handle required) POST {{baseUrl}}/platform/setup-profile Authorization: Bearer {{accessToken}} Content-Type: application/json { "handle": "my-handle-dev", "short_description": "Developer profile", "role_level": "mid" } ### 5. List profile roles (for setup-profile role_id) GET {{baseUrl}}/platform/profile-roles Authorization: Bearer {{accessToken}} ### 6. List skills (for profile skill selection) GET {{baseUrl}}/platform/skills Authorization: Bearer {{accessToken}} ### 7. Get discovery overview GET {{baseUrl}}/platform/overview/discovery Authorization: Bearer {{accessToken}} ### 8. Get specialist overview GET {{baseUrl}}/platform/overview/specialist Authorization: Bearer {{accessToken}} ### 9. Verify account POST {{baseUrl}}/platform/verify-account Authorization: Bearer {{accessToken}} Content-Type: application/json { "email": "user@example.com", "code": "123456" } ### Refresh token POST {{baseUrl}}/auth/refresh-token Content-Type: application/json { "refresh_token": "{{refreshToken}}" } ### Alternative: paste token manually for account/info # GET {{baseUrl}}/account/info # Authorization: Bearer