Manage Postman Vault integrations

Postman Vault integrations are available on Postman Enterprise plans with the Advanced Security Administration add-on.

Postman supports several features you can use to manage and update your Postman Vault integrations from the Postman desktop app. You can set the expiration duration for cached secrets, change linked secrets, reauthenticate with your external vaults, and disconnect your integrations. With these features, you can customize settings for retrieving secrets from external vaults, and manage access to Postman Vault integrations.

Set expiration duration for cached secrets

The value of secrets retrieved from external vaults are stored in a local cache for 1 hour by default. When secrets are cleared from the local cache, Postman retrieves your secrets' values from your external vaults, storing them in a local cache again for the specified duration. You can customize the duration that values are stored in the local cache, and you can manually reset the value stored in the local cache.

You can customize the amount of time secrets' values are stored in a local cache for. Select Settings icon Settings, then specify the amount of time secrets are valid for (in minutes) next to Secret expiration duration.

You can also manually reset secrets' values stored in a local cache. This ensures that Postman is using the latest values for your secrets. Select Settings icon Settings, then select Manually Reset Cache.

You can link a different secret stored in an external vault you've created an integration with. To link a different secret, select the vault integration icon Vault icon next to a secret, then select the edit icon Edit icon. Enter the required details on the Link secret window, then select Use.

Link different secret value

Postman recommends that you manually reset the value stored in the local cache.

To update the value of a secret stored in an external vault, you must sign in to your external vault provider separately and update the secret's value there. You can't update the value of secrets stored in external vaults directly from Postman.

Reauthenticate with an external vault

You'll need to reauthenticate with your integrated external vaults each time you sign in to Postman, or when your authentication credentials expire.

To reauthenticate with an external vault, do the following:

  1. Open your Postman Vault.

  2. Select the vault integration icon Reauthenticate Vault icon in the Value cell with the integration that you need to reauthenticate with.

  3. Select Re-Authenticate Vault.

    Reauthenticate external vault
  4. Follow the steps to reauthenticate with 1Password, AWS Secrets Manager, Azure Key Vault, or HashiCorp Vault.

Disconnect an integration

You can disconnect 1Password, AWS Secrets Manager, and Azure Key Vault integrations from your Postman Vault. You must be a Postman Team Admin or Super Admin to disconnect a HashiCorp Vault integration. When you disconnect an integration, references to the vault secret will be unresolved in your local instance of Postman.

To disconnect an integration, do the following:

  1. Open your Postman Vault, then select Settings icon Settings.
  2. Select Disconnect next to the integration you want to disconnect.

You can also select the vault integration icon Vault icon in the Value cell, and select the disconnect icon Disconnect icon.

Last modified: 2024/04/29