Postman Cheatsheet
Top commands.
Overview
Postman is the GUI API client that doubles as a collaboration and contract-testing platform. Five primitives carry most of the operational work: request collections, environment variables, pre-request scripts for auth and dynamic headers, test scripts for response assertions, and the Newman CLI for running collections from CI.
- Request collections. Group related requests by product or service. Shared workflows live in one place.
- Environment variables. Per-environment values (dev, staging, prod) switch with a single dropdown.
- Pre-request scripts. JavaScript runs before each request. Auth-token refresh and dynamic headers live here.
- Test scripts plus Newman CLI. JavaScript assertions on responses produce contract tests; Newman runs the collection from CI for continuous validation.
The approach
Three habits make Postman produce real value rather than scattered ad-hoc requests: one collection per product, environment variables per stage, and test scripts on every meaningful response.
- Collection per product. Requests grouped by API. Navigation and onboarding both improve.
- Environment variables per stage. Dev, staging, prod separated cleanly. No copy-paste between environments.
- Pre-request auth refresh. Token-refresh logic in pre-request scripts. Seamless auth across requests.
- Test scripts plus Newman in CI. Assertions on status, schema, and content produce contract tests; Newman runs them in CI for continuous validation.
Why this compounds
Each collection captures API knowledge in a reusable artefact. The team’s API library grows; new engineers onboard faster because the collection is the documentation; contract regressions get caught at PR time.
- Faster API exploration. Shared collections produce instant onboarding.
- Contract validation. Test scripts catch regressions before they reach customers.
- CI integration. Newman runs collections continuously. API contracts stop drifting silently.
- Year-one investment, year-two habit. First collections are investment. By the third, every API ships with one.