Using Postman in production

vanknack · April 23, 2020, 9:45pm

New to Postman and APIs in general.

I’m using the Knack API (API docs).

The docs say to make my API calls from “server-side code, not client-side code, to keep API keys secret.”

However Knack doesn’t provide a way to add “server-side code”. It has an admin panel + API, but lacks ability to run your server code. That part is our responsibility.

So as a client-side JavaScript person, knowing nothing about the server-side, I thought I could use a third-party tool such as Postman to make API calls safely.

Is this an acceptable use of Postman? Are people using Postman in production or testing only?

tstatz · July 30, 2020, 10:04pm

You can provide your API key in your Postman request header to test the Knack APIs. But (if I understand your larger question) it’s not a general purpose API library for use in your production client-side applications. As one approach, your client side app could authenticate to your custom back-end service (via user/password, e.g.) which could then safely make authenticated requests to Knack.

Hope this helps.

Topic		Replies	Views
Can I use a Postman Code example to code my own call? Ask the Experts and Postman Tips	4	1881	January 22, 2020
Make request to API and safe the response in file Ask the Experts and Postman Tips	6	983	June 19, 2019
Can I use the platform to actually write an API logic other than just the mechanics in/out? New to APIs/Postman	2	531	July 10, 2020
Looking for Best Practices for Integrating Third-Party APIs in Postman! Integrating APIs authentication	1	71	March 3, 2025
Stop Exposing Secrets! Secure Your APIs in Postman Like a Pro Ask the Experts and Postman Tips tests , collections , security , authentication , workspaces , public-workspace	1	360	March 5, 2025

Using Postman in production

Related topics