OAuth 2: support more parameters

[karol-majewski]

Hello and thank you for your work.

I was very positively surprised to see support for OAuth 2 in Insomnia. I'm talking about this screen particularly:

Unfortunately, the available options are not enough for me to have my token renewed without leaving Insomnia. My client uses the PKCE flow aided by the Microsoft Authentication Library (MSAL). The library offers one critical feature without which authentication is not possible: extraQueryParameters.

extraQueryParameters is an arbitrary dictionary attached to the login request. It can contain any metadata you like. One use case is identifying the application attempting to authenticate.

const request: SilentRequest = {
  account,
  scopes: this.scopes,
  extraQueryParameters: {
    foo: 'bar'
  }
};

await this.acquireTokenSilent(request);

If Insomnia proved a way to specify these extraQueryParameters when an OAuth 2 call is made, I would no longer have to copy-paste tokens between the browser and Insomnia. It would be my go-to API client for prototyping.

Thank you for considering my case, and please let me know if this is something you think fits Insomnia well.

[dimitropoulos]

Sounds interesting! Do you know of any workarounds for this? For example can you add this data in a header?

[karol-majewski]

As far as I know, no workaround exists. These extraQueryParameters are added to the request URL when the authority URL is accessed by MSAL. I haven't found any other way.