Please, Please, Please, reverse this decision to require sign-in. There are an awful lot of developers that work for organizations that cannot have their api data synced to the cloud.
Requiring signin and automatically syncing data to 3rd parties is a security breach, as it could inadvertently result in sensitive information being shared with a 3rd party, Postman’s cloud being that third party.
Please reverse this decision. This will cause us to have to find an alternative solution to testing our APIs
A lot of the security concerns are address in the announcement blog, there is an FAQs section at the bottom of the page. This also contains links out to our Security & Trust Portal.
If you would still like to use Postman in a non signed in state, you can do so using the Lightweight API Client to send HTTP, WebSocket, gRPC, and GraphQL requests, to test your APIs.
Forcing sign in was a very bad decision. If I wanted my data sync’d across the cloud I would have already created an account. I only need to use this locally on one machine and have no need or want to have my api data in the cloud.
Please bring this feature back. As a user I should have the choice to keep my data locally or store it in the cloud. No tool should dictate where it is stored.
I see no real benefit here for forcing an account other then to spy on us.
If you would still like to use Postman in a non signed in state, you can do so using the Lightweight API Client to send HTTP, WebSocket, gRPC, and GraphQL requests, to test your APIs.
In the Lightweight API Client, you have the option to Export your data from the > Settings > Data.
After you have created a free account, you can use the Migrate data option from the same menu mentioned above, to continue using the Collections and Environments.
Sharing some good security practices here too:
Follow safe practices with your data and credentials when using your Postman account.
Be careful to avoid accidental data exposure when making a Postman element public, such as workspaces, collections, and environments.
We strongly recommend you avoid storing sensitive data anywhere except within Postman environments. Storing variable values only in the Current value field, will ensure that the data is never sync’d.
You should also use environment variables with a secret type to store sensitive data and credentials, including API keys and access tokens.
With V11 of Postman, we have introduced the Postman Vault (Store secrets in your Postman Vault | Postman Learning Center), which allows you to store your sensitive data in an encrypted local vault that is not synced with the Postman Cloud. Also, we have added multiple security features to help prevent accidental exposure of your API credentials.
,
> Settings > Data.