For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Postman
PricingEnterprise
Contact SalesSign InSign Up for Free
HomeDocs
HomeDocs
      • Overview
        • Overview
          • Overview
          • Add certificates
          • Request authorization
          • Public API authorization
          • Authorization types
          • Digest
          • OAuth 1.0
          • OAuth 2.0
          • Hawk
          • AWS Signature
          • NTLM
          • Akamai Edgegrid
          • ASAP (Atlassian)
Postman API Platform

Product

  • Postman Overview
  • Enterprise
  • Spec Hub
  • Flows
  • Agent Mode
  • API Catalog
  • Fern
  • Postman CLI
  • Integrations
  • Workspaces
  • Plans and pricing

API Network

  • App Security
  • Artificial Intelligence
  • Communication
  • Data Analytics
  • Database
  • Developer Productivity
  • DevOps
  • Ecommerce
  • eSignature
  • Financial Services
  • Payments
  • Travel

Resources

  • Postman Docs
  • Academy
  • Community
  • Templates
  • Intergalactic
  • Videos
  • MCP Servers

Legal and Security

  • Legal Terms Hub
  • Terms of Service
  • Postman Product Terms
  • Security
  • Website Terms of Use

Company

  • About
  • Careers and culture
  • Contact us
  • Partner program
  • Customer stories
  • Student programs
  • Press and media
Twitter iconLinkedIn iconGithub iconYouTube iconInstagram iconDiscord icon
Download Postman
Privacy Policy

© 2026 Postman, Inc.

Use PostmanSend requestsAuthentication and authorization

Authenticate with Hawk access authentication in Postman

||View as Markdown|
Was this page helpful?
Previous

Authenticate with OAuth 2.0 authentication in Postman

Next

Authenticate with AWS Signature authentication workflow in Postman

Built with

Hawk authentication enables you to authorize requests using partial cryptographic verification.

To use Hawk authentication, do the following:

  1. In the Authorization tab for a request, select Hawk Authentication from the Auth Type dropdown list.

  2. Enter your details in the Hawk Auth ID, Hawk Auth Key, and Algorithm fields. You can optionally set advanced details, but Postman will try to generate values for them if necessary.

When the required details are complete in the Authorization tab for your request, Postman will add them to the Headers tab.

The Hawk Authentication parameters are as follows:

  • Hawk Auth ID - Your API authentication ID value.
  • Hawk Auth Key - Your API authentication key value.
  • Algorithm - The hash algorithm used to create the message authentication code (MAC).
  • Advanced parameters:
    • User - The username.
    • Nonce - A random string generated by the client.
    • ext - Any application-specific information to be sent with the request.
    • app - The binding between credentials and the application to prevent an attacker using credentials issued to someone else.
    • dlg - The ID of the application the credentials were issued to.
    • Timestamp - Timestamp the server uses to prevent replay attacks outside the time window.
    • Include payload hash - When enabled, includes a hash of the request payload in the signature.