Securely manage your team’s Postman API keys
Postman users rely on API keys to prove their identity and gain access to APIs. However, it can be challenging for larger teams to manage high volumes of API keys securely. We are excited to introduce a new feature that makes it easier for teams to manage their Postman keys at scale.
Now, the Super Admin and Admin users can view and manage all active Postman API keys created by users in their teams. This feature can help administrators govern keys in the Postman API Platform and maintain compliance and security across their organization. Admin users will know which team member created a specific Postman API key and can now revoke the API keys if needed. Admin users can manage API keys by selecting Team in the Postman header and then selecting Manage Postman Keys.
Admins can also disable the creation of Postman API keys and set the expiration date for the key at the team level. Setting the API key expiration at the team level overrides the user-level configuration. Admins can also revoke all active Postman API keys for the team in one easy click if needed.
Learn more
Related: Use the Authorization Methods Template
The new Manage Postman Keys feature is available with our Enterprise plan, so please contact Postman sales to upgrade and gain access if you aren’t already an Enterprise user. You can also find more details about Postman API keys in our Learning Center. Additionally, you can visit the Postman Trust Center to gain knowledge about organizational security and how to protect your accounts and data in Postman.
What do you think about this topic? Tell us in a comment below.