Integrate Postman into your development toolchain

The Postman API enables you to programmatically manage your Postman assets and integrate Postman into your development toolchain. You can use it to manage collections, environments, monitors, and other Postman elements. You can also access data stored in your Postman account and combine the Postman API with Newman to integrate Postman with your CI/CD workflow.

You can get started by forking the Postman API collection in the Postman Public Workspace. For more details, see the Postman API documentation. You will also need an API key to access the Postman API.

The Postman API is rate limited.

Postman API features

The Postman API supports the following Postman features:

There are more Postman API endpoints available on Postman Enterprise and Professional plans only.


Use the Workspaces APIs to manage your Postman workspaces. These endpoints enable you to create temporary workspaces to test, which you can then delete when you're finished. You can also save a backup of another workspace or specific resources (such as collections or APIs) using the Postman API.


Use the Collections APIs to manage your Postman Collections and simplify collection-related workflows. You can use these endpoints to add, delete, or update your collections. You can also use these endpoints to:

  • Update an entire collection or a collection's requests, folders, and responses.
  • Transfer collection items between collections or folders.
  • Manage your collection forks.

You can also use these endpoints to import an OpenAPI definition to create a collection or transform an existing collection into an OpenAPI definition. This lets you automatically generate a collection from your source code or API definition so you can then automatically sync it with Postman. Any resources that depend on that collection, such as monitors or mock servers, will also see the updated requests and responses.

Environments and variables

The Environments API enable you to programmatically manage your Postman environments. You can use this API to manage your global variables, which scope your work to different environments (such as local development, testing, or production). You can also manage collection variables, which are available throughout a collection's requests.


Postman API v9 APIs are deprecated.

Use the Postman API endpoints to manage your APIs and integrate with your CI/CD systems and automate the publication of new API versions. You can also use it to perform other actions, such as:

  • Update or change your API definition.
  • Create and publish new versions of your API.
  • Manage and sync collections attached to an API.

Mock servers

In addition to performing CRUD (Create, Read, Update, and Delete) operations on your mock servers, you can use the Mocks API to:

  • Set a mock server to public or private.
  • List all calls received by a mock server.
  • Manage mock server responses for 5XX errors.


The Monitors API enables you to programmatically run collections, depending on specific events on your CI/CD pipelines. You can also create and run a webhook, which is a special monitor that runs a collection.


The Comments endpoints enable you to manage comments on Postman APIs, collections, and collection folders, requests, and responses. You can use comments to collaborate and discuss your work with your teammates in Postman.


Use the Forks endpoints to manage forks of Postman collections and environments. Forks are new instances of an element that you can change without making any changes to the parent element. You can use these endpoints to find all forks for a specific Postman Collection or environment, or get the current status of a forked collection’s source collection. You can also use these endpoints to programmatically create or merge forks, as well as pull source changes.

User and usage data

The User API return information about the API key's owner. You can use it to get data about your API usage and check how many requests you can perform until the end of the month.


Roles define user permissions within Postman elements, such as workspaces, collections, and APIs. These endpoints enable you to programmatically manage user permissions.

Workspace roles

With the Workspace Roles API you can manage user and user group permissions within a specific workspace. You can use these endpoints to help you with onboarding or offboarding, automating role-based workflows, and simplifying compliance and auditing processes by ensuring the right team members have access to sensitive information.


The Billing API enables you to get information about your Postman billing account. You can use these endpoints to help with account and compliance. You can also use these endpoints to integrate with your internal systems, such as SAP.

APIs for Enterprise or Professional plans

The following APIs are only available for Postman Enterprise or Professional plan users:

Private API Network

The Private API Network API enables you to programmatically manage your Private API Network. Use these endpoints to automate the management of your team's internal documentation, integrate it with CI/CD, and ensure that the documentation is always up-to-date. This API also enables you to get all user requests to add elements to the Private API Network and approve or reject them.


Use the Tags APIs to manage your Postman tags programmatically. You can use these endpoints to add or remove tags from Postman collections, APIs, and workspaces. You can also use this API to get all Postman elements that match a given tag and then operate on them programmatically.

Secret Scanner

The Secret Scanner API programmatically provides the same functionality as the Secret Scanner dashboard. These endpoints enable Enterprise customers to manage secrets detected by the Postman Secret Scanner. Use it to:

  • Search detected secrets (paginated).
  • Find the location of a detected secret.
  • Update the resolution status of a detected secret.
  • Build automatic notification systems.
  • Programmatically resolve detected secrets.


The SCIM API supports SCIM (System for Cross-domain Identity Management), which enables you to automate the provisioning of your team. You can deploy Postman at scale across your organization and control access to it with your identity provider. You can use these endpoints to integrate your onboarding process and automatically provision users and groups.

API security and governance

The API Security API enables you to manage your API’s security by running security checks and tracking your API definition's governance and security rule violations. For example, you can use the API definition security validation endpoint to validate an OpenAPI definition. You can also use it to publish a new version of your API.

Audit logs

Use the Audit Logs API to monitor and analyze your Postman Enterprise teams. Team Admins can review audit logs, filter by specific criteria, and get information about:

  • When users were added to, removed from, or invited to your team.
  • Which user performed a specific action—and when they did so.

About v9 API Builder endpoints

The format for the API Builder endpoints in Postman changed in Postman v10. The Postman API only supports endpoints for working with APIs created in v10 and later. The endpoints for working with APIs created in v9 are deprecated. At a future time they will no longer be available.

Last modified: 2024/05/06