Comment on page
Run Pynt Collection
Run Pynt's Postman collection effortlessly! Explore our onboarding guide to learn how to execute the Pynt collection within Postman, ensuring a smooth integration of Pynt's API security features with
Make sure Pynt's docker is still up.
Click on the 'Variables' tab of the 'Pynt' collection and fill in the values of the required parameters, in the 'CURRENT VALUE' column:
- 1.API-KEY - your postman API key - If you previously saved and have your API key, enter it here under the 'Current Value' tab. If not, enter https://postman.co/settings/me/api-keys to generate or regenerate your API key as for security reasons it can only be copied at the time of creation. You won't need to modify this parameter again until the API key expires.
- 2.port - the left port number used in the docker run command (default-5001).
- 3.YOUR-COLLECTION- your functional test collection name, or the collection UID (both are acceptable, UID is preferred if you have two collections with the same name associated with the API-KEY). Pynt will refer to this collection to generate the automated security tests. If you wish to have a reference application to test, Pynt provides a vulnerable app example called 'goat' that you can fork from Pynt's public workspace: https://www.postman.com/pynt-io/workspace/pynt and use it here.
- 4.scanId - output variable, used internally. Ignore.
- If you modified your test collection in any way, simply re-run Pynt collection.
- Should you need to test another collection, simply update the
YOUR-COLLECTIONvariable and re-run the 'Pynt' collection.
Image 1 - Generate / Copy API Key if forgotten
Image 2 - Enter 'Pynt' collection parameters
Image 3 - Run the 'Pynt' collection to generate full OWASP-10 API-security tests for your collection