API Governance and API Security in Postman

API Governance and API Security are available on Postman Enterprise plans with the API Builder add-on.

The Postman API Governance and Postman API Security features identify inconsistencies or weaknesses in your APIs and recommend possible fixes or improvements that follow industry best practices. These features enable you to automate your organization's governance and security review processes instead of relying on manual reviews.

API governance is the practice of defining and applying development rules that promote consistent API behaviors across your organization's API landscape. And a robust API security posture means that your organization has development rules that promote security-first API behaviors.

Postman applies API governance and API security rules at the following phases of API development:

  • API definition - See rule violations that might impact your definition's governance and security postures.
  • API requests - See rule violations when you send requests to any API using either the Postman web app or the Postman desktop app.

Enterprise teams can also create custom rules. See the Configurable rules overview for more details.

Last modified: 2022/07/20