- Introduction
- Installing and updating
- Navigating Postman
- Sending your first request
- Managing your account
- Syncing your work
- Discovering templates
- Creating your first collection
- Creating a workspace
- Setting up your Postman app
- Importing and exporting data
- Troubleshooting app issues
- Building requests
- Authorizing requests
- Receiving responses
- Grouping requests in collections
- Using variables
- Managing environments
- Visualizing responses
- Specifying examples
- Using cookies
- Working with certificates
- Generating client code
- Troubleshooting requests
- Using the Collection Runner
- Scheduling runs with monitors
- Building request workflows
- Importing data files
- Working with your team
- Defining roles
- Requesting access
- Sharing your work
- Your private API network
- Commenting on collections
- Versioning APIs
- Using version control
- Using the API Builder
- Managing and sharing APIs
- Validating APIs
- Monitoring APIs
- Setting up a monitor
- Viewing monitor results
- Monitoring APIs and websites
- Set up integrations to receive alerts
- Running Postman monitors using static IPs
- Troubleshooting monitors
- Monitoring FAQs
- Analyzing with reports
- Documenting your API
- Authoring your docs
- Publishing your docs
- Viewing documentation
- Using custom domains
- Publishing templates
- Publishing to the API Network
- Submission guidelines
- Managing your team
- Purchasing Postman
- Billing
- Configuring team settings
- Utilizing audit logs
- Onboarding checklist
- Intro to SSO
- Configuring SSO for a team
- Logging in to an SSO team
- Microsoft AD FS
- Custom SAML in Azure AD
- Custom SAML in Duo
- Custom SAML in GSuite
- Custom SAML in Okta
- Custom SAML in Onelogin
- Custom SAML in Ping Identity
- Migrating to the current version of Postman
Defining roles
Certain team options are only available on Postman Team, Business, and Enterprise plans. To see which roles are available on your plan, go to your web dashboard.
In Postman you can assign roles and permissions to provide access control.
Contents
Roles in Postman
As a team admin, you have the power to define Postman access at the team, workspace, collection, and API level. You can utilize Postman's role-based access control system to limit visibility of team resources, define your development workflow, and provide access to administrative and billing personnel.
Team roles
You can assign three role types to team members: Admin, Billing, and Developer.
- Admin: manage team members and team settings
- Billing: manage team plan and payments
- Developer: access team resources and workspaces
Each user must have at least one role attached to them, and can hold multiple roles simultaneously.
Team roles provide high-level access control:
| Permission | Admin | Billing | Developer |
|---|---|---|---|
| Add and remove users | ✔ | ||
| Manage team Admins and Developers | ✔ | ||
| Manage SSO | ✔ | ||
| Manage custom domains | ✔ | ||
| View audit logs | ✔ | ||
| View usage data | ✔ | ✔ | ✔ |
| Manage Billing members | ✔ | ||
| Manage payment | ✔ | ||
| Change plan | ✔ | ||
| View shared APIs, collections, environments, mock servers and monitors | ✔ | ||
| View and create team workspaces | ✔ | ||
| View activity feed | ✔ |
Workspace roles
You can assign two role types in Postman workspaces: Admin and Collaborator.
- Admin: manage workspace details and members
- Collaborator: work on team resources in a workspace
The following roles control access at a workspace level:
| Action | Admin | Collaborator |
|---|---|---|
| Create workspaces | ✔ | ✔ |
| Delete workspaces | ✔ | |
| Edit workspace details | ✔ | |
| Join and leave workspaces | ✔ | ✔ |
| Add members | ✔ | ✔ |
| Remove members | ✔ | |
| Manage workspace roles | ✔ | |
| Manage workspace visibility | ✔ | |
| Add and remove APIs, collections, and environments | ✔ | ✔ |
| Manage integrations | ✔ | ✔ |
| Add monitors and mock servers | ✔ | ✔ |
API roles
You can assign two role types in Postman APIs: Editor and Viewer.
- Editor: edit APIs directly
- Viewer: view, fork, and export APIs
The following roles control access at an API level:
| APIs | Editor | Viewer |
|---|---|---|
| Edit and delete APIs | ✔ | |
| Manage roles on APIs | ✔ | |
| Share APIs | ✔ | ✔ |
| Comment on APIs | ✔ | ✔ |
| Create new API versions | ✔ | |
| Update schema | ✔ | |
| Generate collections from the schema | ✔ | ✔ |
| View reports for APIs | ✔ | ✔ |
| Add and remove API environments | ✔ | ✔ |
| Add and remove API documentation | ✔ | ✔ |
| Add and remove API test suites, integration tests, and contract tests | ✔ | ✔ |
| Add and remove API monitors | ✔ | ✔ |
| Add and remove API mock servers | ✔ | ✔ |
Collection roles
You can assign two role types in Postman collections: Editor and Viewer.
- Editor: edit collections directly
- Viewer: view, fork, and export collections
The following roles control access at a collection level:
| Collections | Editor | Viewer |
|---|---|---|
| Edit and delete collections | ✔ | |
| Manage roles on collections | ✔ | |
| Export collections | ✔ | ✔ |
| Fork collections | ✔ | ✔ |
| Merge forks on collections | ✔ | |
| Publish collection documentation and add to API Network | ✔ | |
| Share collections to a different workspace | ✔ | ✔ |
| Tag and restore collection versions | ✔ | |
| Add, edit, and delete mock servers | ✔ | |
| Add, edit, and delete monitors | ✔ |
Managing roles and permissions
To manage team roles, see Managing roles.
Roles FAQ
- Our only team member with billing/admin permissions left - what can I do?
Contact us via our Support Center for assistance. - I'm an admin, why can't I assign the billing role?
Billing roles can only be granted by a fellow team member with a billing role. If this is not possible, contact us via our Support Center for assistance. - Is there a "Super Admin" role?
A "Super Admin" role is being considered for development. You can track progress and upvote this issue on GitHub to show your support. - Our colleague left the organization, how can we access their collections?
Remove the former colleague from your Postman team in the web dashboard. When a collection owner is removed from your team, ownership of their shared collections is transferred to fellow team members and these collections will continue to exist in your Postman team. - What are "support" roles?
A support-only account is one that holds an admin and/or billing role, but is not a developer. Teams can have up to two support-only accounts.
Next steps
Learn more about Working with your team.