What's new in Postman 7.23?

Hello Postman-friends! :wave:

Yes, it’s already been two weeks since 7.22, which means you can already update or download the latest version of Postman from here! https://www.postman.com/downloads/

This one brings a couple of improvements, one to help you track your monitoring calls and one to improve the listing of collections in the sidebar. But before all, it also includes PKCE support for OAuth 2.0!

PKCE support for OAuth 2.0

PKCE (Proof Key for Code Exchange) is an extension to the Authorization Code flow to prevent certain attacks and to be able to securely perform the OAuth exchange from public clients. (source)

To use it, head to the Authorization tab of your request, select OAuth 2.0, and open the Get New Access Token dialogue. From there, select Authorization Code (With PKCE) as Grant type . You can select the Code Challenge Method to be either Plain or SHA-256 and also optionally provide the custom Code Verifier .

Track your monitoring calls

To help you track how you and your team are using monitoring, you can now see the actual number of monitoring calls directly from the app by navigating to the “Team” menu, located in the app’s header.

Free teams are limited to 1000 monitoring calls/month, if you need to use more check out our other plans on our pricing page. :page_with_curl:

Performance improvements and bug fixes

As always, our engineers are doing their best to improve your experience with Postman, and this time they’ve improved the performance of listing collections in the sidebar. You should see a considerable improvement while working within a workspace with many Collections! :running_woman:

That’s it for the highlights! You can find the full release notes here and download the latest app to see all this by yourself here.

Enjoy and let us know what you think!


These gifs are super helpful @arlemi! :pray:


Hi Joyce,

I followed your reverse engineering API video which was SOOO clear but beyond my abilities to use beyond looking that it worked.

I work with a website which is authenticated and POSTMAN does a great job of listing the GET/POSTs etc…

I don’t know how to do this but I was hoping to integrate this program with Netsuite for internal purposes. Do you have a resource/person/team that would be able to take the files generated from the activity on the website and turn it into a usable API resource ?
Trying to put things together.
Thank you
David Waldes
Luxury in Travel

Hi there David -

The reverse engineering an API video shows you how to import the website activity as a CURL command. So you can use Postman to tweak and inspect what’s going on, and understand a bit about how the API server works behind-the-scenes.

From there, you can generate the client-side code like this: https://learning.postman.com/docs/postman/sending-api-requests/generate-code-snippets/

However, this is different than the code needed to run your API on a server, and to manage the underlying data.