Scan data for secrets

Postman

5min



Source integration for Postman.

Configuration options

  • To generate a Postman API key for use in the configuration file, log into your Postman account and click on this link to bring you to the Postman API key generation page. Once your API key expiration settings are set, you can click on the orange Generate API Key button on the page.
  • To find your Postman Workspace ID, select your workspace and click on the ellipsis icon on the far right of the page.
    • 

      Postman workspace ID access
      Postman workspace ID access
      

Web Configuration

You can configure this integration via the web UI through the integrations tab or you can use a local configuration file as outlined below.

Local configuration

A valid Postman API key is required. Multiple workspaces can be inside of the configuration file. If no specific workspaces are included in the configuration, the scanner will enumerate and scan all the workspaces that the Postman API key has access to.

YAML


Key

Description

Required

token

Postman API key

Yes

workspaces

Postman Workspace IDs

No

Capabilities

Feature

Supported

Workspaces

Collection inside of workspace

Folder inside of workspace

Request inside of workspace

Saved responses inside of workspace

Environments inside of workspace

Basic Auth, Bearer Tokens, API Keys, AWS, OAuth2 authorization types

Globals environment

Workspace response history

Collection description



Updated 25 Feb 2025
Doc contributor
Doc contributor
Doc contributor
Doc contributor
Did this page help you?