- Introduction
- Installing and updating
- Navigating Postman
- Sending your first request
- Managing your account
- Syncing your work
- Discovering templates
- Creating your first collection
- Creating a workspace
- Setting up your Postman app
- Importing and exporting data
- Troubleshooting app issues
- Building requests
- Authorizing requests
- Receiving responses
- Grouping requests in collections
- Using variables
- Managing environments
- Visualizing responses
- Specifying examples
- Using cookies
- Working with certificates
- Generating client code
- Troubleshooting requests
- Using the Collection Runner
- Scheduling runs with monitors
- Building request workflows
- Importing data files
- Working with your team
- Defining roles
- Requesting access
- Sharing your work
- Your Private API Network
- Commenting on collections
- Versioning APIs
- Using version control
- Using the API Builder
- Managing and sharing APIs
- Validating APIs
- Monitoring APIs
- Setting up a monitor
- Viewing monitor results
- Monitoring APIs and websites
- Set up integrations to receive alerts
- Running Postman monitors using static IPs
- Troubleshooting monitors
- Monitoring FAQs
- Analyzing with reports
- Documenting your API
- Authoring your docs
- Publishing your docs
- Viewing documentation
- Using custom domains
- Publishing templates
- Publishing to the API Network
- Submission guidelines
- Managing your team
- Purchasing Postman
- Billing
- Configuring team settings
- Utilizing audit logs
- Onboarding checklist
- Intro to SSO
- Configuring SSO for a team
- Logging in to an SSO team
- Microsoft AD FS
- Custom SAML in Azure AD
- Custom SAML in Duo
- Custom SAML in GSuite
- Custom SAML in Okta
- Custom SAML in Onelogin
- Custom SAML in Ping Identity
- Migrating to the current version of Postman
Configuring SSO for a team
Configuring single sign-on
Only a team administrator (admin) can configure single sign-on (SSO) for a Postman team.
Go to Team Settings. In the following screen, select Authentication.
Upon selecting Authentication, the following screen appears:
After configuring an SSO authentication for your Postman team, you can use the toggle option in Settings (as illustrated above) to turn on/off this SSO authentication. Click the button (circled above) to turn on/off your SSO authentication system. This is a team-level option which will enable/disable SSO for the whole team. To update the SSO settings, click Edit.
To configure a new authentication method, click Add a new authentication method button.
In the ADD AUTHENTICATION METHOD modal, select the authentication type. Enter an authentication name that is easily identifiable to your team. Then click the Proceed button.
Note: Always check with your authentication provider dashboard or your IT support staff for the correct information to complete a modal.
In the "Service Provider Details (Postman)" screen, the Entity ID, and the URLs for the Login and ACS are already populated.
As a next step, you must fill in the details in the Identity Provider Details section. And then provide your authentication certificate from your identity provider in "X.509 Certificate".
To enter details in the Identity Provider Details section, you must login to your IDP account and fetch details. Refer to the corresponding section of the documentation and follow the outlined procedure there:
- Setting up custom SAML in Okta
- Setting up custom SAML in Duo
- Setting up custom SAML in Gsuite
- Setting up custom SAML in Onelogin
- Setting up custom SAML in Ping Identity
- Setting up custom SAML in Azure AD
Managing user accounts
This section describes the following topics:
- Creating end user accounts
- Adding existing user accounts
- Automatically adding new users
- Managing team logins
- Removing team access
Creating end user accounts
You can create an account for a user in the Identity Provider (IdP).
The first time a new user logs in to Postman through the IdP, a Postman account is created under two conditions—the team has seats available and the Automatically add new users checkbox was enabled during SSO configuration.
The user will be automatically associated to the team with a user role and have access to team resources.
Adding existing user accounts
If a Postman user logs in to Postman through a team's IdP, the user will be automatically added to the team if one of the following is true:
- The team has available slots and the Automatically add new users checkbox in your configuration is enabled.
- An admin has invited the user to join the team.
Automatically adding new users
The Automatically add new users checkbox in your SSO configuration determines whether users with accounts in your SSO system will be allowed to join your team automatically by signing in to Postman with SSO. If this is enabled, users with or without existing Postman accounts can join your team by heading to the Enterprise login page and logging in with SSO.
Automatically add new users will only work if your team has user slots available. Your team size will not be automatically increased if additional users log in via SSO.
Managing team logins
By default, Postman only supports Service Provider initiated logins for Postman Business or Enterprise teams utilizing SSO. Your team will be required to head to the Enterprise login page in order to log in to Postman. If you require users be able to log in from your SSO portal, you can generate and copy the RelayState from your Postman team settings and save it in your IDP configuration. This ensures an additional level of security when logins are initiated through a source unknown to Postman.
Removing team access
An admin must remove users from their Postman team to prevent access to shared resources.