Postman is sending cookies so session got lost.
A workaround to avoid this is disabling cookies or set this config:
Click whilelist domains.
Add domain. Localhost or staging (depending the environment you want to test)
And in the oauth/token request , please add the following code:
replace last line with the following:
pm.cookies.jar().unset(pm.environment.get("pos_url"),'connect.sid');
This is done to get the postman working on different enviroments, also you need to whitelist all the different enviroments, for example, “posapi-uat.flexiti.fi” (without http:// or https://)