Templates
Select a template to provision your infrastructure, codebase, CI/CD pipeline, and Postman workspace.
Configure API
Complete the fields below to provision your API.
Code Only
Generate and download code that you can deploy the way you want.
End To End
Generate code and a CI/CD pipeline for a complete API solution.
Add To My Repo
Generate code and add it to your existing repository via a pull request.
Provisioning Status
GitHub Repository
Create repo, push boilerplate, inject secrets, trigger provisioning workflow
Postman Workspace
Create team workspace, assign governance group, grant requester editor access
Spec & Collections
Upload spec to Spec Hub, validate against governance rules (postman spec lint), generate Baseline/Smoke/Contract collections, inject test scripts & secrets resolver
AWS Deployment
Deploy selected runtime path: allocate shared ECS route and inject Insights sidecar for ECS mode, or deploy Lambda/API Gateway for dedicated mode, then run health checks
Postman Environments
Create environments with API Gateway endpoints, configure secrets variables, create mock server from baseline collection
Source Control Sync
Connect workspace to GitHub via Bifrost and configure CI/CD pipeline
Notification
Send provisioning summary email, report to SonarQube, create Jira ticket with resource links
Postman Integration
How Postman integrates into the developer platform and the value each touchpoint delivers.
Spec-First Governance
Every API starts with an OpenAPI specification validated against organization and workspace group governance rules using the Postman CLI before any infrastructure is provisioned. Workspaces are automatically assigned to domain-specific governance groups for workspace-level policy enforcement.
Value
- Shift-left API quality -- spec issues caught before code exists
- Consistent naming, error schemas, and security patterns across all services
- Specs published to Spec Hub become the single source of truth for consumers
Workspace-per-Service
Each provisioned service gets a dedicated Postman workspace with standardized naming ([DOMAIN] service-name) for discoverability across the organization.
Value
- Every team can find any API in seconds through workspace search
- Access control scoped per service -- requester auto-granted on creation
- Workspace connected to Git repo enables bi-directional sync of collections, environments, and specs
Generated Test Collections
Three collections are generated directly from the spec, each targeting a different layer of API correctness.
Baseline Collection
All endpoints pre-registered with request bodies, path params, and documentation pulled from the spec. Developers start from a working collection rather than building from scratch.
Smoke Tests
Status code assertions, response time thresholds, and body structure checks. Answers: "is the API up and responding correctly?"
Contract Tests
Schema validation, required field enforcement, enum constraints, string/numeric format checks. Answers: "does the API still match its contract?"
Environment Management
Environments are provisioned per deployment stage with variables pre-configured for auth, base URLs, and cloud-native secrets resolution.
Value
- Developers switch stages with a single dropdown -- no manual URL editing
- Secrets are resolved at runtime via AWS Secrets Manager using Postman's native SigV4 auth, never stored in plaintext
- Consistent variable naming across all services reduces onboarding friction for new team members
CI/CD with Postman CLI
The Postman CLI is embedded at multiple stages of the CI/CD workflow. Collections run twice per pipeline execution -- once before deployment and once after -- turning API tests into both a quality gate and a deployment verification step.
Pre-Deploy Gate (Container in CI)
On push or merge, the workflow builds the runtime container and starts it locally inside the CI runner. Postman collections execute against this local container -- smoke tests, contract tests, and behavioral checks all run before any infrastructure is touched. If any collection run fails, the workflow fails and no deployment happens. Spec violations, broken contracts, and behavioral regressions are caught here.
Post-Deploy Verification (Live Infrastructure)
If pre-deploy tests pass, the service deploys to cloud infrastructure. Collections run again, this time against the live endpoint. Failures at this stage isolate cloud-specific issues -- IAM misconfigurations, network policy errors, environment variable drift -- and trigger an automatic rollback.
Scheduled Monitoring
A 6-hour cron runs smoke tests continuously between deploys, catching environment-level regressions -- expired certificates, infrastructure drift, upstream dependency failures.
Centralized Reporting
Every CLI run reports results back to Postman. Teams get a single dashboard view of test pass rates, response times, and failure trends across all services in the organization.
Source Control Sync
API artifacts are exported to the Git repository and the workspace is connected via the filesystem API. The pipeline uses direct Postman APIs to export each entity -- the same mechanism the Postman desktop app uses for bi-directional sync.
Synced Entities
- Collections -- baseline, smoke, and contract test collections in
postman/collections/ - Environments -- per-stage environment configs in
postman/environments/ - Specifications -- OpenAPI spec in
postman/specs/(syncs with Spec Hub) - Local Mocks -- auto-generated route handlers in
postman/mocks/with stub responses from spec - Globals -- workspace-level variables in
postman/globals/
Value
- API artifacts versioned alongside application code -- full history and diff support
- Local mocks let developers test against the API contract without deploying infrastructure
- Code review workflows apply to API definitions, not just application logic