Access Postman Vault from Pre-Request Script

How can you access values in the Postman Vault from Pre-Request Script?

Hey @rcmcmullen2 :wave:

Welcome to the Postman community :postman:

You should be able to use:

pm.variables.get('vault:<var_name>');

Is this working for you?

No. I've tried that as well as pm.environment.get('vault:<var_name>') and pm.collectionVariables.get('vault:<var_name>') and none of them are working. I created the associated key/value pairs in both Environment and Collection Variables.

Taking a step back here, you're using V11, right?

And you have created variables in your Postman Vault?

Could you share some images of what you have please? It will be easier to see what's happening.

Yes, I'm using v11, and yes, I've created the variable in my Postman Vault.



Interesting. :thinking:

Are you able to use a vault value in the URL, Params or Headers?

I tried it in the Headers successfully.


My bad, I was automatically assuming that this could be achieved in the sandbox but after speaking with the team - I realised this was not the case. :cry:

You can only access the vault variables in the URL, Params, Headers, Body and the Auth helper fields.

It would appear that you can set an environment variable to reference a key vault secret, but if you console log the environment variable, it just shows the secret name as a string.

You can see that the secret value "456" was used in the request (as it's echoed back).

However the console log of the environment variable just shows the string.

Which is probably correct, as it's trying to prevent the leak of those secrets.


I should have been clearer - there isn't a direct way to use them but there are workarounds :sweat_smile:

Similar to how you could use pm.variables.set() to temp change a vault variable during the request execution.

There isn't a method like the other scoped variables to directly reference a vault variable.


So if we can't access the Vault directly from the Sandbox then what is the suggested workaround? If I use the pm.variables.set() method I would need to either hard code the value (which needs to be secured), or try to reference the vault (which is not accessible).

I am currently using an environment variable, but the value is not secured like it is in the vault. The intention is to secure the value in a location that can be used by the Request.

That is a problem because we need this variable as part of a Pre-Request Script to generate a JWT Token.


@danny-dainton - I presume you cannot create a Variable (Local, Collection, Global) to reference the Vault, either?

It seems like you can create a variable at the local, collection, global to reference the Vault as the Postman documentation suggests, but you cannot access the Vault variable in pre/post-scripts. I'm running into the same issue as well.

I was trying to determine which Vault variable to use based on the environment variable selected. It doesn't seem like there's a way to do that.

I suspect at this point, it's working as designed and this would be a feature request that needs to be raised on the Postman GitHub.

I sort of understand why, as it prevents the encrypted info from being discovered through the scripts, but as I also use pre-request scripts a lot for authentication, it would mean that I can't use the vault for this either.

I can use the vault to integrate with Azure Key Vault to retrieve the OAuth information required to authenticate which is a good feature, but I have no way of accessing those details in the pre-request script where I use sendRequest to hit the token end point.

I would have to use the authentication helper or a straight up request in the GUI instead to get the token.

This feature is still quite new, and has had quite a few changes since the first iteration already, so requesting the feature on Github may provide a favourable response as this feature is being actively worked on.

Well, I'm sorry to hear that as our Product license is coming up for renewal and our Project is looking for a product that can address this security concern. So it looks like we'll have to look for other options.

The first production iteration of the feature was only introduced 14 days ago and was never previously part of the platform, based on user feedback and the various different use cases that people might have, like creating tokens via a pre-request script, we can understand how the feature can be made better.

Postman, like every software project, isn't a finished product. It's ever changing and improving to make our users' lives easier.

Creating a public feature request is the best way to bring these new usage ideas to the team, to triage and assess them with a view to potentially making them part of the platform.

First time doing this so I hope I did it right. For anyone following, here's the request: Ability to use Postman Vault variables in pre/post-scripts · Issue #12864 · postmanlabs/postman-app-support · GitHub

The documentation says that:

You can also reference vault secrets as the values of your global, environment, and collection variables

Does that work for anyone? It works in params etc but when I added to environment variables it doesn't seem to resolve.

This problem should be workaround-able if this worked, as the value of the secret is not stored in the cloud but the reference is (again, according to the documentation)