Postman API Key for Team

🙋 Help
1

I’d like to run a collection from a Team workspace via newman in a CI job. I am able to generate a postman API key to run newman, but this API key seems to allow everyone to see my personal collections as well. Is there a way to generate an API key just for a team rather than for an individual?

I tried looking here and following along, but it seems to not be updated with the latest changes to the postman web experience: https://learning.postman.com/docs/developer/intro-api/

2

Hi @mrdotson! Welcome to the community :wave:

Sorry for the confusion - we are working on updating docs and should be updated soon :wink:

To answer your question, API key is tied to each user account, but not to a team, so I am afraid that there is no way to generate API key for a team instead of a user.

Having said that suggested workaround would be to share environment but without sharing API key and use individual API key for each user. To do so, please place your API key in “Current Value” but not in “Initial Value” in the shared environment.

  • The Initial Value is synced to your account via the Postman servers and shared with any collaborators who have access to the environment.
  • The Current Value is local to your Postman app, and is never synced to your account or shared with your team— unless you choose to persist it .

For more info: https://learning.postman.com/docs/sending-requests/managing-environments/#adding-environment-variables

I hope this helps a bit.
Let me know if you have further questions :grin:

3

Hi @taehoshino

Unfortunately that doesn’t answer my question specifically about running newman in a CI job with a postman API key. If I have to put an individual’s API key for use in a CI job, we have several issues:

  1. If I ever leave the postman team, my organization’s CI jobs will all suddenly stop working and need to be updated with a new key. This point alone makes it not feasible to use in a CI environment.
  2. Anyone can see my API key and use it maliciously. When my organization’s security team finds out, they will shut this down quick.

Do you have any alternative approaches?

4

Thanks for getting back to me @mrdotson!

I understand your concerns.
Currently there is no feature that allows to generate Postman API key linked to a team rather than a user.

We track our issues publicly on GitHub and would love for you to file this request there so other customers can also weigh in. Our product managers use that feedback to prioritize and add items to our development roadmap :rocket:

Thanks again for reaching out. Let me know if you have further questions :slightly_smiling_face:

5

@taehoshino

Hi. I’m fairly new to Postman. I have joined a team workspace. Like @mrdotson I wish to run tests using a CI server (TeamCity).

I did read your docs, but I’m confused. How does uploading an exported JSON file help me? Is it not a static snapshot? I feel like I need to run using Newman and a url.

I’ve got it working from this tutorial, but I cannot figure out how to generate my own URL that points to the team workspace collection.

It sounds like that nearly a year ago this was not possible. I have two questions I’m hoping either of you could answer:

  1. Is it possible now?

  2. What’s the workaround? How do I “link” the team workspace collection to my individual account to enable Newman to run the tests. The above tutorial explains it well, I’m trying to generate the URL I need for the Newman command.

Thanks for any help yo can provide.

  • Adam Wolf
6

Did anyone create a request for this? I have the same need.