Skip to main content

How To Onboard An Application Using Postman Gateway

Prerequisites

  • A Postman account (signed in on the web or desktop app).
  • Access to the team/workspace whose collections/APIs you want to use.
  • At least one Postman Workspace you can access.
  • If your company uses Postman Enterprise, a Team Admin might control who can generate keys and set org-wide expiry—if you don’t see the option to create a key, ask your admin.

Get your Postman API key

  1. In Postman, click your avatar → Settings.

alt text

  1. On the Account settings page, open API keys.
  2. Click Generate API Key, give it a name, then Generate.

alt text

  1. Copy the API-key (store it securely; you won’t see it again in full).
  2. You can later rename, regenerate, delete, or set expiration for keys.
  3. You can use this API-Key to get the list of APIs/Collections present in your Postman application by creating a Connection in the APIsec Platform.

Open your browser and visit: https://<your-tenant>.apisecapps.com

Start Adding a New Application

Click on the "Add Application" button.

Add Application

Select Postman Gateway

  • Choose the "Postman Gateway" option. Choose the Postman Gateway

  • Click "Next" to proceed. Click Next

Enter Application Details

  • Register application from Postman Gateway, enable the toggle button alt text

  • Fill the form, Name and API Key alt text

  • Click Test Connection alt text

  • Click Create Connection alt text

  • Select Workspace and Correct API from the API list alt text

  • Click Continue alt text

  • Click Onboard alt text

  • Application Dashboard alt text

Auto-Onboard

The Auto-Onboard feature streamlines API onboarding by automatically detecting and registering unregistered APIs from Postman Gateway. This ensures that all APIs, including newly published ones, are consistently onboarded and tested for vulnerabilities with minimal manual effort.

Enable Auto-onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Enable Auto-Onboard of any existing Postman connection.

    alt text

  • Fill the Postman AutoOnboard Details and click on Save Schedule

    • Frequency – How often the onboarding should occur. By default it is weekly.
    • Day of the Week – Select the specific day for onboarding.
    • Hour – The exact time (in hours and minutes) when the onboarding should start.
    • Timezone – The timezone in which the schedule should be applied
    • Workspace – Select the workspace you want to onboard from the Workspace dropdown.
    • Type - Choose the corresponding Type (Collections/APIs/All) for the selected workspaces.
    • API Selection Scope - Select whether to auto-onboard all available APIs or limit onboarding to only those published after the specified date.

    alt text

  • Successfully saved auto-onboard details.

    alt text

Update Schedule

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Click Auto-Onboard

    alt text

  • Update the details and Click on Update Schedule

    alt text

Disable Auto-Onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Click Auto-Onboard

    alt text

  • In Edit Postman AutoOnboard Details, disable the Enable Automatic API Onboarding.

    alt text

  • Click Yes

    alt text

  • Auto-Onboard details deleted successfully!

    alt text