Postman Authorization

OAuth 2.0: Implicit Flow is Dead, Try PKCE Instead

There are a number of OAuth 2.0 flows that can be used in various scenarios. The Implicit flow was previously recommended for native, mobile, and browser-based apps to immediately grant the user an access token.…

How Postman feeds my sushi addiction ?

The Sushi Selector ? is a Postman collection that recommends a nearby sushi spot. When run locally with the Postman collection runner, the collection searches for sushi restaurants and posts the recommendation as a direct message…

Postman makes authorization stronger and easier

API authorization is a top concern at Postman. We’ve always built features to help you manage authorization for your protected resources, such as using environment variables with authorization types, saving authorization types to collection requests…