Postman Security

Postman Environments: How to Control Access to Variables, Workflows, and More

Many enterprises struggle to maintain control over their fast-growing and ever-evolving API infrastructure. At Postman, helping enterprises address these challenges is an ongoing top priority for us. Exhibit A: the new release of role-based access…

How We’re Protecting Your Postman API Keys in GitHub

With more than 10 million people worldwide using Postman, we take security very seriously and are committed to protecting our community from vulnerabilities. Here’s the most recent example of that commitment: Developers contribute code to…

Set and view SSL certificates with Postman

Secure Sockets Layer (SSL) certificates are a way of authentication for some servers using the SSL encryption protocol. These certificates provide secure, encrypted communications between a client and a server. If you’re submitting sensitive data…

Postman makes authorization stronger and easier

API authorization is a top concern at Postman. We’ve always built features to help you manage authorization for your protected resources, such as using environment variables with authorization types, saving authorization types to collection requests…