Beta feature

Repro Mode security considerations

When Repro Mode is enabled, the Postman Insights Agent uploads the header and payload data from requests with errors. This information is stored in the Postman Cloud and is visible to any user with Viewer access to the Postman Insights project.

Authentication data and any known credential formats are redacted before transmission, as are any fields that you redact in the project Settings. However, payload data that contains other types of sensitive information, or an authentication header that the Postman scanner doesn't recognize, may be sent to Postman and stored for up to 30 days.

When Repro Mode is off

When Repro Mode is turned off, the Insights Agent client drops all data values from the observed traffic before sending it to Postman. This includes query parameters, headers in requests and responses, and values (but not identifiers) in JSON and YAML requests and responses. All data-format inference happens on the client side, before the data is removed. The Postman Cloud doesn't see the raw values.

When Repro Mode is on

When Repro Mode is enabled via the --repro-mode flag, the Insights Agent additionally retains payload data for HTTP requests with a response code of 4xx or 5xx. The Insights Agent has a built-in list of sensitive keywords (such as x-api-key) that it uses to redact headers, query parameters, and portions of request and response bodies. Insights transforms the body into the string *REDACTED*.

The Insights Agent client drops all data values from the observed traffic before sending it to Postman. All data-format inference happens on the client side, before the data is removed. Initial values aren't sent to the Postman cloud. Uploads of the obfuscated data to Postman are performed over HTTPS using TLS.
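The following added example (not Postman's code) models the two behaviours described above so you can see which fields of a failing request would still carry raw values under keyword-based redaction. Apart from x-api-key, the keyword list is assumed, the function names are hypothetical, and the model matches on field names only, not on credential formats.

```python
# Added illustration only; this is not the Postman Insights Agent's code.
# Only x-api-key is named on the page; the other keywords are assumed.
SENSITIVE_KEYWORDS = {"x-api-key", "authorization", "password"}
REDACTED = "*REDACTED*"

def strip_values(node):
    """Repro Mode off: keep identifiers and structure, drop every value."""
    if isinstance(node, dict):
        return {k: strip_values(v) for k, v in node.items()}
    if isinstance(node, list):
        return [strip_values(v) for v in node]
    return None

def redact(node):
    """Repro Mode on: keep values except those under a sensitive keyword."""
    if isinstance(node, dict):
        return {k: REDACTED if k.lower() in SENSITIVE_KEYWORDS else redact(v)
                for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v) for v in node]
    return node

def prepare_upload(exchange, repro_mode):
    """Model of what leaves the host for one observed request/response pair."""
    parts = {k: exchange[k] for k in ("headers", "query", "body")}
    is_error = 400 <= exchange["status"] <= 599
    return redact(parts) if repro_mode and is_error else strip_values(parts)

def surviving_values(node, path=""):
    """Paths whose raw values would still be uploaded; review these."""
    if isinstance(node, dict):
        return [p for k, v in node.items()
                for p in surviving_values(v, f"{path}.{k}" if path else k)]
    if isinstance(node, list):
        return [p for i, v in enumerate(node)
                for p in surviving_values(v, f"{path}[{i}]")]
    return [] if node in (None, REDACTED) else [path]

# Constructed sample: a failing request with recognized and unrecognized secrets.
SAMPLE = {
    "status": 500,
    "headers": {"X-Api-Key": "k-123", "X-Internal-Token": "t-456"},
    "query": {"page": "2"},
    "body": {"user": {"email": "a@example.com", "password": "hunter2"},
             "items": [{"ssn": "000-00-0000"}]},
}

if __name__ == "__main__":
    for repro in (False, True):
        print(repro, surviving_values(prepare_upload(SAMPLE, repro)))
```

Paths reported with Repro Mode on, such as the custom token header here, are candidates for the field redaction list in the project Settings.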

Last modified: 2025/05/30