Manage secrets with the Secret Scanner dashboard

The Secret Scanner dashboard is available on Postman Enterprise plans. For more information, see the pricing page.

With the Secret Scanner dashboard, Team and Super Admins can monitor and manage how secrets are detected and handled across Postman workflows. It provides centralized visibility into exposed secrets and tools to control how sensitive information, like API keys and tokens, is secured.

The dashboard brings together Local Secret Protection and Cloud Secret Detection. You can define how secrets are handled before they’re shared, then review and respond to secrets detected in the Postman cloud.

Manage detected secrets

The Secret Scanner dashboard provides centralized visibility and control for how secrets are detected and handled across your organization.

For Local Secret Protection, you can define workspace-level policies that control how exposed secrets are handled across your organization. These policies determine how secrets are stored when they’re detected, helping ensure sensitive data is secured before it can be shared. To learn more, see Manage Local Secret Protection policies.

For Cloud Secret Detection, you can review secrets detected in the Postman cloud, investigate where they were found, and take action to resolve them. To learn more, see Manage Cloud Secret Detection findings.

Together, these capabilities enable your team to enforce consistent security practices and respond to potential exposures more effectively.

Customize secret detection

With the Advanced Security Administration add-on, you can use custom patterns to detect secrets specific to your organization. Custom patterns enable you to scan for proprietary tokens and third-party app secrets that aren’t covered by default patterns.

Before adding a pattern, you can run a dry test to preview the results it returns. Custom patterns are available on Enterprise plans with the Advanced Security Administration add-on.

To learn more, see Secret Scanner patterns.
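
A candidate pattern can also be pre-checked locally against constructed samples before it goes through the dashboard's dry test. The following is an added example, not Postman's code or API. It assumes custom patterns are written as regular expressions; the `acme_` token format, the pattern names, and every sample line are constructed for illustration.

```python
import re

# Hypothetical proprietary token format, constructed for this example:
# "acme_" + environment + "_" + 32 lowercase hex characters.
CANDIDATE = r"\bacme_(?:live|test)_[0-9a-f]{32}\b"
LOOSE = r"acme_\w+"  # first-draft pattern, kept for comparison

HEX32 = "0123456789abcdef" * 2
# Constructed sample lines: (text, whether it contains a real token)
SAMPLES = [
    ('{"key": "apiKey", "value": "acme_live_' + HEX32 + '"}', True),
    ("Authorization: Bearer acme_test_" + HEX32, True),
    ("x-api-key: {{acme_live_key}}", False),      # variable reference
    ("acme_live_<your-token-here>", False),       # documentation placeholder
    ("acme_live_" + HEX32 + "ff", False),         # wrong length
]


def redact(value, keep=4):
    """Mask a matched value so the preview does not leak it."""
    return value[:keep] + "*" * (len(value) - keep)


def dry_run(pattern, samples):
    """Return redacted hits plus the sample indexes that were missed or wrongly matched."""
    rx = re.compile(pattern)
    report = {"hits": [], "missed": [], "false_positives": []}
    for index, (text, expected) in enumerate(samples):
        match = rx.search(text)
        if match and expected:
            report["hits"].append(redact(match.group(0)))
        elif match:
            report["false_positives"].append(index)
        elif expected:
            report["missed"].append(index)
    return report


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("candidate", CANDIDATE)):
        print(name, dry_run(pattern, SAMPLES))
```

The loose draft flags the variable reference, the placeholder, and the over-long string, while the anchored candidate matches only the two real tokens.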

Analyze secret activity with reports

With the Advanced Security Administration add-on, you can view Secret Scanner reports to gain insights into how secrets are detected and managed across your organization.

Reports include metrics for both Local Secret Protection and Cloud Secret Detection. For example, you can see how many secrets are moved to Postman Vault, how often users override protection policies, and the status of detected secrets across your team.

To learn more, see Secret Scanner reports.