Posted by Jad Khater on April 04, 2022 | developer-environments

Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.

Why Postman

Postman is a tool that makes it easier for developers to create, share, test, and document APIs. It has a user-friendly interface that allows you to create collections and easily switch between development environments. A collection is a group of requests that are saved with specific headers and data validations.

Environment Variables

Environment variables are crucial in our line of work. We have different instances for coding, testing, and production that require different values for the same set of environmental variables. Postman provides an easy configuration solution where you can simply switch between Development, Staging, and Production using a dropdown (as seen in the top right corner of the image below). You can then perform API calls against the specified environment. I created a Demo development environment as an example.

Environment Variables

Update Environment Variables using Test scripts

In some scenarios, you might want to regularly update your env variables. For example, let’s say you want to use an access token that you set to expire every hour. Imagine having to manually update it every time?

Well, Postman has a solution for that with their Test Scripts! Using Test Scripts, you can populate some of your env variables and then use their results with the latest subsequent API calls.

In the below image, we’re updating the required tokens for the selected DEMO env.

Test Scripts

Here is the script code:

pm.test("Status code is 200", function () {;
  var jsonData = pm.response.json();
  if (jsonData.access_token) {
    pm.environment.set("ACCESS_TOKEN", jsonData.access_token);
  if (jsonData.refresh_token) {
    pm.environment.set("REFRESH_TOKEN", jsonData.refresh_token);

You can learn more about scripting in Postman on their website.

Creating Collections

Collections can save you time and organize your favorite requests. Instead of looking through the history tab for a request you sent last week, you can save all of the calls under Collections and group them as needed.

It is recommended to check Postman’s website about creating your first collection.

Share Your Configuration with the Team

In a team, you’ll have multiple people working on the same projects. Sharing your environment variables and your test scripts between them is very common.

With Postman, you can export and import collections, environment variables, but it is always nicer to create a Workspace and add your team members so that everyone will have access to those libraries and you can all contribute to enhancing them and enriching the requests.

More about creating your workspace

Collection Documentations

Since sometimes the API calls and requests can be large in a workspace, documentation is recommended so that you can provide your teammates with a better description of them.

Collection Documentations


To showcase the above, we will be doing a small example of how to authenticate against an OAuth 2.0 enabled API.

First, we will need to update the ENV with the APP ID and APP Secret. You should be able to get those from the API provider.

Get Code:

example 1

For this step we are only using this call to generate the URL for us, so grab the url from the code snippet and place it in and browser.

You should be prompted to login/authorize the app:

example 2

then once you allow the Application to access the API, you will get a code in the callback URL params:

example 3

Grab the code from the URL and use it in the Get Token request.

example 4

As a response, you should get new access_token and refresh_token

  "access_token": "KX4...OE9",
  "expires_in": 3600,
  "token_type": "Bearer",
  "scope": "instance",
  "refresh_token": "rtB...ek9"

Using the test Script mentioned before the ACCESS_TOKEN and REFRESH_TOKEN will be populated with the new values.

If you need to get a new access_token as it will eventually expires_in 3600 seconds, then all you need is to use the Refresh token to re-new the ACCESS_TOKEN.

example 5

Same as before you will be getting back:

  "access_token": "9sQ...biX",
  "expires_in": 3600,
  "token_type": "Bearer",
  "scope": "instance",
  "refresh_token": "rtB...ek9"

Again the test script will populate the Env variables as before.

This way your access tokens will get populated for your subsequent API Calls.

Check out these example files:

Demo Collection JSON

Demo Environment JSON

PS: Don’t forget to update the environment variables with proper information.

Good Read/References:

Notes: Free teams have a limit of 25 shared requests. When that limit’s exceeded, Postman archives the oldest shared collections.