Introducing the Postman Agent: Send API Requests from Your Browser without Limits

Avatar

Today we announced a new beta version of Postman that we’ve been working on to address a wide range of requests from our fantastic user community: Postman on the web. (We encourage you to read the launch blog post here.)

But bringing Postman to the web wasn’t as easy as simply building a browser-based UI. We needed to overcome a fundamental limitation of browser architectures to truly bring the Postman experience to the web.

The limitation of cross-origin resource sharing (CORS) in browsers

Modern browsers are great for humans surfing websites, but they have limitations when it comes to pulling data from APIs across many different domains. Leading browsers like Chrome and Firefox restrict how data is exchanged between different internet domains, limiting requests to the domain you have loaded in the address bar. This feature protects website users from malicious activity, but it is also something that negatively impacts one of the core capabilities of web APIs: the accessing of data, content, media, and algorithms across a variety of domains.

As a developer, if you’ve had the chance to work with many APIs using JavaScript in the browser, then you have no doubt encountered challenges using cross-origin resource sharing (CORS).

In the early days of Postman, these challenges with CORS while working with APIs in the browser quickly pushed Postman from the web to the desktop, resulting in the Windows and Mac versions of the Postman app that developers depend on today.

In our journey back to the web, the CORS limitation was a fundamental, ongoing issue that hindered our ability to bring an amazing API developer experience to the browser. We needed a new approach to solve this issue, and so the Postman engineering team got to work to find a breakthrough.

Introducing the Postman agent

To allow developers to make API requests on the web as part of this latest release, we had to find a way to get around these browser limitations. This work resulted in us developing the Postman agent.

The Postman agent is a micro-application that runs locally on your desktop and acts as your agent for making API calls on your behalf. To overcome limits in the browser, the Postman web interface will now route API calls to the local agent, and the agent will make API requests locally on your behalf, using your local profile, configuration, and network to make each request and pass the response back to the web interface. The Postman agent enables you to bypass the limitations that exist in the browser—while maximizing the access that exists locally on your desktop—by allowing API requests to originate in the browser, but be routed through your local machine and network, and back again.

The first time you visit Postman on the web to make requests you’ll be prompted to download the Postman agent for your operating system. Once it is downloaded, installed, and switched on in the Postman web application, API requests will begin being routed locally to the agent, which will work with the Postman agent service (PAS) to make each API request, and coordinate with the web application interface.

Architecture diagram for the Postman agent
Architecture diagram for the Postman agent

The Postman agent employs a TCP connection using WebSockets to publish and subscribe to a JSON payload that uses our internal collection execution protocol. The above diagram breaks down how the Postman agent works with the agent service to securely route API requests to be executed locally, then also makes sure the response gets routed back to the web application. (Making API calls using Postman in the browser is currently in beta, and so is the Postman agent.)

We also want to let you know that we’ve implemented fully encrypted connections, but have not turned that encryption on for the beta release. The reason for that is we wanted beta users to be able to get up and running without having to deal with certificate issues.

Try the Postman agent out and give us your feedback

To help move things forward with the web version of Postman and the Postman agent, we’d like to get your feedback. We need to understand where you manage your APIs, and where you would run your agents. We’re looking to understand how you’re consuming and building your APIs, and how we can help you optimize each aspect of your operations. We encourage you to test-drive the new release here, and give us your feedback here.

We don’t expect that you’ll immediately move all of your API requests to the web and abandon the relationship you’ve developed with the desktop edition of Postman, but we’d love to explore with you what’s possible when you start separating the different aspects of your API operations. Ultimately, we want to work with you to help you decide how to best optimize what runs in the cloud, what runs on your desktop, and where else you need to be executing collections to orchestrate and automate using the internal, partner, and public APIs you depend on across the enterprise.

Download the Postman agent here.
Access the new web version of Postman here.
Give us feedback here.

What do you think about this topic? Tell us in a comment below.

Comment

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

43 thoughts on “Introducing the Postman Agent: Send API Requests from Your Browser without Limits

    Avatar

    Fascinating insights! Impressed by your team ingenuity to work around the CORS restrictions that frustrate me time to time as an API developer. Looking forward to use the Postman on web again.

    Avatar

    Having the ability to look at shared collections and read API documentation on the Web is going to make my API consumers very happy!

    I was wondering if there are any advantages to using the web version for managing collections and tests, as opposed to the current desktop app..?
    Looks like web would be more suited for consumers of the API, than the developers.

    Avatar

    Unable to use postman web in OperaGX.
    Getting “Error: Browser does not support cross-origin request” error.
    Kindly help.

    Avatar

    Please add the link to download the Agent manually. If you are using adblocker/security restriction in browser then there is no popup to download the agent.

    Avatar

    I clicked away the popup once and now I can’t find the download link to the Agent anywhere 🙁 Guess I’ll remove my cookies, maybe the popup will appear again (?)..

      Tristan

      Bert, we also have the Postman Desktop Agent available for download here: https://www.postman.com/downloads/ (scroll down half-way and select your OS.) Thanks for reporting, and I’ll be sure to let the UX team know about this so we can improve.

    Avatar

    The second Windows link also says 64-bit, but is actually 32-bit.

      Tristan

      Thanks for reporting, Nick! Just verified that it looks like this has been fixed.

    Avatar

    Seems like I can’t install postman, gives an error: There was an error while installing the application and that’s it. Any help?

      Avatar

      Please contact our support team on help@postman.com and they’ll be able to help you. 🙂

    Avatar

    How to i install the postman desktop agent in linux?

    Avatar

    Hi, we are using a gateway proxy to protect all of our users. (Zscaler). One of our developers says the postman agent installed in his machine is not working. By looking into the postman agent log file in my own machine and after adding the pstmn.io domain to the list of exceptions in zscaler, I found the text below. As far as I understand there was an error some days ago, but now it is working ok. Is this correct? . How could I check if the postman agent is working ok? Thank you very much in advance for your support. (As you can see I am not a developer)

    Avatar

    La version 8 c’est une horreur, comment désactiver la mise à jour automatique, alors même que cette option est décoché, mais qu’est ce qui vous à pris, la version 7.33 était très bien, clair et net, là c’est n’importe quoi, va falloir que je trouve une alternative à Postman, c’est malin

      Avatar

      Désactiver les mises a jour majeures permet de rester sur Postman v7. Avec un peu de chance vous vous êtes habitues a la version 8 depuis, mais si ce n’est pas le cas vous pouvez contacter le support Postman pour qu’il vous aide a retourner sur la version 7: postman.com/support.

    Avatar

    What is the license for the desktop agent?

    Avatar

    Does the agent have an API? Can I write code to call the agent’s API?

    Avatar

    I think this is a great app

    Avatar

    I wonder if I can run Postman Agent for Linux without X11? So that I can deploy this agent to a Linux server and share the agent with my colleagues.
    Also it would be great if you publish a docker version so that it would be a lot easier to deploy Postman Desktop Agent as a service.

    Avatar

    I mistakenly installed Postman Agent on my macmini 2018… How might I best uninstall it?

    Avatar

    That’s nice

    Avatar

    Why doesn’t your documentation outline how to use the desktop application? and If it does, why is it hidden so well?

      Avatar

      Hi Joe, You can check out our Learning Center documentation here, or contact our support team at https://www.postman.com/support and they’ll be glad to help!

    Avatar

    i install the postman . but is stuck the create workspace
    windows 10 n 32 bit

    Avatar

    When i run the agent on Macosx (v0.0.2) I have to go in to Sys Prefs > Security > General and “Open Anyway”. It however displays a warning I’ve never seen before. I posted it to https://github.com/postmanlabs/postman-flows/discussions/24#discussioncomment-1499383

    Avatar

    Good Job

    Avatar

    Cheers 🍻 (!)

    Avatar

    Desktop agent doesn’t seem to respond to web calls..
    Stuck with Cloud Agent for now (with 1000 calls limitation)

    Receiving following error when trying to use desktop agent:
    “An error occurred.
    Sorry, the page you are looking for is currently unavailable.
    Please try again later.”

    Avatar

    “The Postman agent is a micro-application that”…
    Download the Postman agent for Linux here…
    .tar.gz…
    75MB!!!

    SEVENTY FIVE MEGABYTES!

    You think it’s funny to call that monster “a MICRO-application”? My first computer had an 50MB HDD with full-working Windows system! How would you call it then? “Nano OS” or “Pico OS”?

    Avatar

    Someone say’s the size of agent is monster sized application a “whooping” 75 MB.
    It’s 2022 old man, move on from your rusty system and mindset otherwise keep running with that 50 MB HDD of yours

    Avatar

    Rest Client.apk

    Avatar

    Please i keep getting the error that my team account is locked to version 9.

    Avatar

    I just want use it。

    Avatar

    Every link is outdated in the blog related to the downloading of the postman agent. Please go through it.

      Avatar

      Thank you for the heads up—updated with new link!

    Avatar

    I have Downloaded the postman Desktop agen but i am getting recommended download the postman desktop agen again. I installed again , but still i got the same message I do not know how to activate that from my download folder