Set up authorization for public APIs using Guided Auth

An increasing number of public APIs offer Guided Auth in Postman, including Stripe, OpenAI, Notion, and Spotify. When you create an HTTP request to an API that supports Guided Auth, Postman automatically recognizes whether the API requires authentication. You can then follow the steps provided by the API publisher to set up authentication credentials for the public API and store them in your Postman Vault as vault secrets.

Once your credentials are stored in your Postman Vault, you can reuse them throughout your local instance of Postman to authenticate with the public API. Only you can access and use your encrypted vault secrets, and vault secrets aren't synced to the Postman cloud.

To get started, select the Authorization tab of an HTTP request to a public API that has Guided Auth set up. Select the Auth Type dropdown list, then select one of the authentication options under Guided setup. This enables you to learn what authentication credentials you'll need, and where to find them.

Store auth in Postman Vault

Guided Auth supports public APIs that require bearer, basic, API key, or OAuth 2.0 authentication credentials:

  • For APIs requiring authentication credentials like tokens or API keys, follow the instructions to get your credentials, then enter them into the Auth credentials field.
  • For APIs that support OAuth 2.0, select Authorize to get your credentials and automatically enter the access token into the Auth credentials field.

Then select Store Auth in Vault to add your credentials to your Postman Vault.

Learn more about using Guided Auth to add credentials as vault secrets in your Postman Vault.

If you're an API publisher, you can set up Guided Auth for your public APIs in your team dashboard. For more information, see Set up Guided Auth for public APIs.

Last modified: 2024/04/29