- Installation and updates
- Sending your first request
- Creating the first collection
- Navigating Postman
- Keyboard Shortcuts
- Postman account
- New button
- Troubleshooting In-app Issues
- Customizing Postman
- Find and Replace
- Troubleshooting API requests
- Debugging and logs
- Authorizing requests
- Capturing HTTP requests
- Generate code snippets
- Making SOAP requests
- Working with Tabs
- Using GraphQL
- Visualize API responses
- Intro to collections
- Creating collections
- Sharing collections
- Managing collections
- Requesting access
- Using Markdown for descriptions
- Data formats
- Working with OpenAPI
- Commenting on collections
- Version Control for Collections
- Intro to scripts
- Pre-request scripts
- Test scripts
- Test examples
- Branching and looping
- Postman Sandbox
- Postman Sandbox API reference
- Intro to collection runs
- Starting a collection run
- Using environments in collection runs
- Working with data files
- Running multiple iterations
- Building workflows
- Sharing a collection run
- Debugging a collection run
- Command line integration with Newman
- Integration with Jenkins
- Integration with Travis CI
- Newman with Docker
- Documenting your API
- Viewing documentation
- Authoring your documentation
- Publishing your docs
- Custom documentation domains
- Intro to Monitoring
- Setting up a monitor
- Viewing monitor results
- Monitoring APIs and websites
- Set up integrations to receive alerts
- Pricing for monitors
- Troubleshooting monitors
- FAQs for monitors
- Intro to mock servers
- Setting up a mock server
- Mocking with examples
- Mocking with the Postman API
- Matching algorithm
- Introduction to APIs
- Managing APIs
- Sharing APIs and managing roles
- The API Workflow
- Validating Elements Against Schema
- Versioning APIs
- Reporting FAQs
- Viewing and analyzing APIs
- Intro to Workspaces
- Creating Workspaces
- Managing Workspaces
- Using Workspaces
- Sharing collections in Workspaces for version 5
- Viewing changelogs and restoring collections
- What is Postman Pro
- Purchasing Postman Pro
- Upgrading to Postman Pro from a trial team
- Team Settings
- Changing your plan
- Managing your team
- Migrating to Postman v7
- Roles and permissions
- Intro to Enterprise
- Purchasing Postman Enterprise
- Running Postman monitors using static IPs
- Intro to SSO
- Configuring SSO for a team
- Logging in to an SSO team
- Configuring Microsoft AD FS with Postman SSO
- Setting a custom SAML in Azure AD
- Setting up custom SAML in Duo
- Setting up custom SAML in GSuite
- Setting up custom SAML in Okta
- Setting up custom SAML in Onelogin
- Setting up custom SAML in Ping Identity
- Audit logs
- Publishing API documentation
Configuring Microsoft AD FS with Postman SSO
Before you configure Microsoft Active Directory Federation Services (AD FS) to work with Postman Single sign-on (SSO), you must have:
- An Active Directory instance where all users have an email address attribute.
- A SSL certificate from the AD FS server.
- A server that runs Microsoft Server 2012 or 2008. Note: This guide uses screenshots from Server 2012R2, but similar steps should be possible in other versions.
After you meet these basic requirements, install AD FS on your server.
To configure and install AD FS, see Deploy and configure AD FS in the Microsoft Knowledge Base.
Follow the steps below to configure Microsoft AD FS to work with Postman SSO.
Step 1 - Create an AD FS authentication scheme in Postman.
To create this scheme authentication, see Configuring SSO for a team.
After creating the scheme, collect the values for these fields in the Team page.
|Fields||AD FS equivalent|
|Assertion Consumer Service URL||SAML 2.0 SSO service URL|
|Encryption Certificate||Token encryption certificate|
Step 2 - Add a Relying Party Trust.
Relying Party Trust (RPT) defines the connection between AD FS and Postman.
To add a Relying Party Trust:
Select the Relying Party Trusts folder from "AD FS Management".
On the Actions sidebar, click "Add Relying Party Trust" to start the configuration wizard for a new trust.
Click the Claims aware button in the Welcome screen and then click the Start button.
In the Select Data Source screen, select the last option, "Enter Data About the Party Manually".
Enter a "Display Name" that you'll recognize later. You can optionally add notes.
Upload the encryption certificate in the Team page or use the default certificate settings.
Check the box labeled "Enable Support" for the SAML 2.0 WebSSO protocol.
Collect the service URL (ACS URL) from the Team page.
Add this Relying party trust identifier:
Select "Permit everyone".
In the next two screens, the wizard displays an overview of your settings.
In the final screen, use the Close button to exit and open the "Claim Rules" editor.
Step 3 - Create claim rules.
After the relying party trust has been created, you can create the claim rules.
To create a new rule:
Click "Add Rule". Then create a "Send LDAP Attributes as Claims" rule.
Using the Active Directory as your attribute store, perform these actions:
In the LDAP Attribute column, select "E-Mail Addresses". In the Outgoing Claim Type, select "E-Mail Address".
Click the Finish button to save the new rule.
Click "Add Rule" to create another new rule and select "Transform an Incoming Claim" as the template.
In the next screen perform these actions:
In "Incoming Claim Type", select "E-mail Address".
In "Outgoing Claim Type", select "Name ID".
In "Outgoing Name ID Format", select "Email".
Note: Use the default setting: "Pass through all claim values".
Click the Finish button to create the claim rule.
You should see two transform rules. Click "Edit Claim Issuance Policy" to confirm.
Step 4 - Adjust the trust settings.
To adjust the trust settings, select "RPT" and then select "Properties" in the Actions sidebar.
In the Advanced tab, specify "SHA-1" as the secure hash algorithm.
Step 5 - Submit Identity Provider details to Postman.
After the setup, you must submit your Identity Provider's details to Postman.
Download the FederationMetadata.xml. You can generally find this file at:
https://<Federation Service name>/FederationMetadata/2007-06/FederationMetadata.xml
Collect the Identity Provider Single Sign-On URL, Identity Provider Issuer, and X.509 Certificate from the metadata file and enter these values in the Team page in the AD FS Identity Provider Details dialog.