Sprinto Dashboard

Postman Integration

Postman is an API (Application Programming Interface) development tool that simplifies the process of creating, testing, and managing APIs. It offers a user-friendly interface for sending HTTP requests to APIs and viewing responses. Postman is widely used by developers, testers, and API consumers to streamline API development and testing workflows.

How does this integration help Sprinto

The integration primarily helps Sprinto retrieve the user account details like user name, email address, role, etc. It helps Sprinto to map and check if the user with access offboards the organization. The org role information also helps Sprinto ensure only the configured valid roles access the system.

Sprinto checks for Postman

Following are the available Sprinto checks for Postman integration:

Sprinto check
Reference procedure

User should be identified

How to fix

Postman access should be removed for offboarded user

How to fix

Critical system access control should be configured

How to fix

User access to Critical System should be valid

How to fix Note: The user access to the critical system becomes valid if the respective Org role is added to the system.

Before you begin

  • Log in to Sprinto as administrator.

  • Ensure you have “Admin” access on the Postman account you want to integrate.

  • Sprinto uses Truto.one as the integration partner to build this integration.****

Integrate Sprinto with Postman

Follow the below steps to integrate Postman on Sprinto.

  1. Get API key from Postman account.

    • Log in to your Postman account using your credentials.

    • Copy the Postman account’s URL from your browser URL. For example, your Postman URL could be https://winter-capsule-167516.postman.co/.

    • Click on the profile icon and select Settings.

    • Click API Keys and click Generate API Key to generate a new API token.

    • Enter Sprinto as the token name, and click Generate API Keys.

    • Copy the generated API key and save it securely. We will need this API Key to build integration on Sprinto.

    • Ensure you have set Never Expire API keys for API key settings.

  2. Integrate Postman on Sprinto.

    • Go to Security Hub > Settings > Integrations > Available, and click Connect next to Postman.

    • Read the on-screen instructions, and click Next.

    • On Integration page, select the acknowledgment checkbox and click Connect to Postman. Note: Ensure you have a pop-up window enabled on your browser.

    • On Authentication page, enter the SCIM API Token and SCIM URL copied from Step 1, and click Connect.

  3. Add Postman as a critical system.

    • On Sprinto app, go to Security Hub > Access > Critical systems, and click + Add Critical System.

    • On Add Critical System page, select Postman and click Add System.

  4. Configure valid users for Postman.

    • Go to Security Hub > Access > Critical systems, and select Postman.

    • On the Summary page, click Configure Now next to the Postman account.

    • On the Manage page, click Configure next to access validity.

    • Choose one of the options to define valid users based on roles.

Final Step

After completing Step 4, allow 15 to 20 minutes for Sprinto to finish the data syncing process. Sprinto may take a few hours to evaluate the synced data and activate relevant Sprinto checks. If needed, go to Security Hub > Access > Critical System to check for pending tasks next to Postman.

If you need any assistance with the integration, kindly get in touch with Sprinto support.

PreviousPipedrive IntegrationNextQualys Integration

Last updated