Skip to main content

How To Onboard An Application Using Postman Gateway


Prerequisites

  • A Postman account (signed in on the web or desktop app).
  • Access to the team/workspace whose collections/APIs you want to use.
  • At least one Postman Workspace you can access.
  • If your company uses Postman Enterprise, a Team Admin might control who can generate keys and set org-wide expiry—if you don’t see the option to create a key, ask your admin.

Get your Postman API key

  1. In Postman, click your avatar → Settings.

    alt text

  2. On the Account settings page, open API keys.

  3. Click Generate API Key, give it a name, then Generate.

    alt text

  4. Copy the API-key (store it securely; you won’t see it again in full).

  5. You can later rename, regenerate, delete, or set expiration for keys.

  6. You can use this API-Key to get the list of APIs/Collections present in your Postman application by creating a Connection in the APIsec Platform.


Start Adding a New Application

Select Postman Gateway

  • Choose the Postman Gateway option.

    Choose the Postman Gateway

Enter Application Details

  • Register application from Postman Gateway, enable the toggle button

    alt text

  • If existing connections are available, they will be displayed in the Connections list. To create a new connection, click New Connection.

  • If no connections exist, a connection form is displayed, allowing you to enter the required details and create a connection.

    alt text

  • Fill the form, Name and API Key

    alt text

  • Click Test Connection

    alt text

  • After Test connection successfull, Click Create Connection

    alt text

  • Select Workspace and Correct API from the API list

    alt text

  • Click Continue

    alt text

  • Click Onboard

    alt text

  • Application Dashboard

    alt text

Auto-Onboard

The Auto-Onboard feature streamlines API onboarding by automatically detecting and registering unregistered APIs from Postman Gateway. This ensures that all APIs, including newly published ones, are consistently onboarded and tested for vulnerabilities with minimal manual effort.

Enable Auto-onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Enable Auto-Onboard of any existing Postman connection.

    alt text

  • Fill the Postman AutoOnboard Details and click on Save Schedule

    • Frequency – How often the onboarding should occur. By default it is weekly.
    • Day of the Week – Select the specific day for onboarding.
    • Hour – The exact time (in hours and minutes) when the onboarding should start.
    • Timezone – The timezone in which the schedule should be applied
    • Workspace – Select the workspace you want to onboard from the Workspace dropdown.
    • Type - Choose the corresponding Type (Collections/APIs/All) for the selected workspaces.
    • API Selection Scope - Select whether to auto-onboard all available APIs or limit onboarding to only those published after the specified date.

    alt text

  • Successfully saved auto-onboard details.

    alt text

Update Schedule

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Click Auto-Onboard enabled toggle.

    alt text

  • Update the details and Click on Update Schedule

    alt text

Disable Auto-Onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • Click Auto-Onboard enabled toggle.

    alt text

  • In Edit Postman AutoOnboard Details, disable the Enable Automatic API Onboarding.

    alt text

  • Click Yes to confirm

    alt text

  • Auto-Onboard details deleted successfully!

    alt text

Edit Postman Connection

To Edit Postman connection

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • A list of existing Postman connections is displayed.

    alt text

  • Select the Pencil icon next to the connection you want to edit.

    alt text

  • Update the required details and Click on Test Connection

    alt text

  • once Test connection successfull then Click on Update Connection

    alt text

  • The updated connection is now displayed in the connections list.

    alt text

Delete Postman Connection

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Postman Gateway

    alt text

  • A list of existing Postman connections is displayed.

    alt text

  • Select the Delete icon next to the connection you want to delete.

    alt text

  • Click Delete to confirm

    alt text

  • The deleted connection is no longer displayed in the connections list.

    alt text

Application Onboarding Using a Postman Collection

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click on the "Add Application" button.

    Add Application

  • Choose the Postman Gateway option.

    Choose the Postman Gateway

  • Enter Name of the Application and upload Postman Collection file and Click Continue

    Choose the Postman Gateway

  • Add or update the required Environment URL

    • To upload a Postman Environment file for an environment, click the File Upload icon next to the corresponding Environment URL.

      Choose the Postman Gateway

  • Click Onboard.

Choose the Postman Gateway

  • Application Dashboard

    alt text

Application Onboarding Using a Postman Collection ID

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click on the "Add Application" button.

    Add Application

  • Choose the Postman Gateway option.

    Choose the Postman Gateway

  • Click URL

    Choose the Postman Gateway

  • Enter Name of Application, Collection Id and API Key and Click Continue

    Choose the Postman Gateway

  • Add or update the required Environment URL and Click Onboard

    Choose the Postman Gateway

  • Application Dashboard

    Choose the Postman Gateway