Data Lens Developer's Guide

Authentication with Postman

This topic is dedicated to handling Data Lens authentication when using Postman.

Prerequisite: Getting Authentication Credentials

Obtaining an Access Token

To obtain an authentication token, send your username and password to the Data Lens REST API endpoint sign_in along with your app_id and app_code:{YOUR_APP_ID}&app_code={YOUR_APP_CODE}

For information on how to find your app_id and app_code, see Getting Authentication Credentials.

The following figure illustrates a request using Postman to the sign_in endpoint:

Figure 1. Get an access token

In the request body, replace {{email}} and {{password}} with your HERE Account credentials.

The following figure shows a typical response, containing a new access_token:

Figure 2. Response containing access token

(The access_token above has been truncated for presentation purposes.)

Note that you will need to provide the refresh_token (line 15 in the figure above) to refresh the access token for the session – see also below.

Refreshing authentication tokens

Access tokens are valid for 60 minutes. If you get the error message token expired, you can refresh the token by sending the expired access token and the refresh token from the original response to the endpoint sign_in/refresh:

The Postman screenshots below illustrate the call to the sign_in/refresh endpoint and the response:

Figure 3. Request to refresh access token
Figure 4. Reponse to a request to refresh access token

For more information on the endpoint signin/refresh, see Sign_in.

Configuring Postman to Run Authenticated Requests

In Postman, you can define variables that you can include in URLs and headers so you do not have to paste app_id, app_code, and the access token every time you send a request to an endpoint. Postman supports the configuration of multiple sets of variables, with each set called an environment. Below, we demonstrate how to create an environment to store your app_id, app_code, and the access token.

Figure 5. Manage environments in Postman

Create a new environment, and enter your authentication credentials:

Figure 6. Create a new environment in Postman

The bearer variable must be set to the value of access token.

These credentials will now be available as {{app_id}} and so on in any URLs you enter in the Postman URL bar.

To send the access token with requests, click Headers under the URL bar, and enter a header as follows:


with the value

Bearer {{bearer}}

(Note that the space between Bearer and {{bearer}} is required!) Now, Postman inserts the value we set in the environment in API requests:

Figure 7. Environment variables
Note: Tokens are valid for 60 minutes. When you get the error message token expired obtain a fresh token as described above.

You cannot use this account to purchase a commercial plan on Developer Portal, as it is already associated to plans with different payment methods.

To purchase a commercial plan on Developer Portal, please register for or sign in with a different HERE Account.

Something took longer than expected.

The project should be available soon under your projects page.

Sorry, our services are not available in this region.

Something seems to have gone wrong. Please try again later.

We've detected that your account is set to Australian Dollars (AUD).
Unfortunately, we do not offer checkouts in AUD anymore.
You can continue using your current plan as normal, but to subscribe to one of our new plans,
please register for a new HERE account or contact us for billing questions on