logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

postman-api-server-mcp

A Model Context Protocol server interfacing with the Postman platform APIs for comprehensive resource lifecycle management, adhering strictly to the published OpenAPI schema for interaction fidelity.

Author

postman-api-server-mcp logo

delano

MIT License

Quick Info

GitHub GitHub Stars 138
NPM Weekly Downloads 0
Tools 1
Last Updated 2026-02-19

Actions

GitHub View on GitHub

Tags

apisapiopenapipostman apiapis providesopenapi specification

Postman MCP Implementation Server

smithery badge Revision: v0.2.0

This service acts as an MCP gateway to the Postman programmatic interface. Its operational blueprint mirrors the official OpenAPI specification. Consult the primary Postman API documentation for exhaustive details.

This utility is a component of the Anthropic Model Context Protocol (MCP) ecosystem. Explore the MCP GitHub repo or the Anthropic announcement for broader context.

Jump to setup instructions

postman-mcp-server - Cover Image

[!WARNING] This software is presently undergoing active refinement. Utilize cautiously; expect interface alterations.

[!NOTE] Code synthesized via AI. Utilizing Cline v2.2.2 with Claude 3.5 Sonnet (2024-10-22). Refer to docs/README.md for generation artifacts.

postman-mcp-server MCP server

Abstract

The Postman MCP Server, engineered in TypeScript, establishes a connection to the Postman API, enabling exhaustive control over Postman collections, environments, and registered APIs.

Capabilities

Collection Handling

  • Lifecycle Methods: Full Create, Read, Update, Delete functionality for collections.
  • Hierarchical Organization: Support for structuring requests via internal folders.
  • Request Management: Operations for adding, modifying, and removing individual requests.
  • Response Artifacts: Management of stored response data linked to requests.
  • Version Control Primitives: Functionality for forking, merging, and pulling collection revisions.
  • Annotation Support: Adding and maintaining descriptive comments on collections.

Environment Configuration

  • Environment Provisioning: Creation and retrieval of environment definitions for distinct operational contexts.
  • Full Lifecycle Support: Comprehensive methods for environment creation, modification, and erasure.

API Resource Management

  • API Definition Control: CRUD operations for API entities.
  • Schema Integration: Capability to manage API specifications, including multi-file definitions.
  • Metadata Tagging: Applying and overseeing descriptive tags for APIs.
  • Annotation Support: Management of comments associated with API entities.

Security Protocols

  • API Key Validation: Securing access via provisioned API tokens.
  • Access Control Zoning: Implementation of role-based permissions across workspaces and collections.
  • Workspace Scoping: Definition of permissions specific to particular workspaces.

Auxiliary Functions

  • Private Network Elements: Management of resources and folder structures within proprietary API networks.
  • Event Triggers: Configuration of webhooks to initiate collection executions with custom data payloads.
  • Enterprise Capabilities: Exposure of advanced permissioning controls and SCIM support for corporate deployments.

Deployment

Installation via Smithery

Automate the installation of Postman MCP Server for Claude Desktop using Smithery:

bash npx -y @smithery/cli install postman-api-server --client claude

Prerequisites

  • A functional installation of Node.js.

Execution Steps

  1. Source Code Retrieval: bash git clone https://github.com/delano/postman-api-server.git cd postman-api-server

  2. Dependency Fetching: bash pnpm install

  3. Compilation: bash pnpm run build

  4. Initiate Watch Mode (Development/Auto-Rebuild): bash pnpm run watch

Operation

Configuring Credentials

  1. Token Generation
  2. Navigate to Postman Account Settings
  3. Select the option to 'Generate API Key'

  4. Crucially: Record the key immediately, as it will not be displayed subsequently.

  5. Credential Assignment

  6. Set the key as an environment variable named POSTMAN_API_KEY.
  7. Integrate it into your client configuration file (e.g., for Claude Desktop or Cline).

  8. Security Mandate: Ensure API keys are never committed to source control.

  9. Access Validation

  10. The supplied key grants access to all accessible Postman entities.
  11. Verify connectivity by executing a basic operation (e.g., listing workspaces).

[!NOTE] If interacting directly via the Postman API collection, define your credential as a collection variable named postman-api-key.

Integration with Claude Desktop

To enable this service in Claude Desktop, modify the configuration file:

  • macOS Path: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows Path: %APPDATA%/Claude/claude_desktop_config.json

[!IMPORTANT] If updating this provider's schema, a restart of Claude is mandatory for the application to recognize the revised ToolDefinition metadata, as it caches these definitions upon startup.

claude-desktop-settings

Configuration Sample

{ "mcpServers": { "postman": { "command": "node", "args": [ "/path/to/postman-api-server/build/index.js" ], "env": { "POSTMAN_API_KEY": "CHANGEME" } } } }

Integration with Cline

Utilize the identical configuration structure shown above, integrating it into your Cline MCP Servers settings:

cline-settings

Configuration Sample

Matches the configuration provided for Claude.

Integration with Zed

Integration is pending. Based on Zed documentation, this appears to require implementation as an extension (refer also to issue #21455).

Reference Material

The authoritative Postman API documentation is hosted within the Postman Public Workspace.

Project Synopsis

Postman API References & Summaries

This implementation employs the Claude model and Cline extension capabilities to translate the OpenAPI specification into strongly-typed TypeScript code, thereby increasing integration robustness within the MCP server environment.

The repository hosts detailed API References documentation providing guidance on programmatic interaction with the Postman platform. This covers both the local Collection SDK and the cloud-focused Postman API. Key documentation areas include security mechanisms, rate limitation handling, and in-depth specifics for all endpoints (workspaces, collections, environments, mocks, monitors, etc.). The guide also outlines necessary prerequisites and rapid initiation procedures.

The docs/api/summaries directory contains comprehensive Markdown abstracts of the Postman API. These documents detail endpoints, data structures for requests/responses, and implementation specifications vital for validating the MCP server's performance. Consult the API Summaries README for the documentation hierarchy and implementation methodologies.

Converting OpenAPI Spec to TypeScript Code with Claude

Building the MCP Server

For precise specifications on implementing MCP server request handlers, consult the Handlers Documentation. This covers URI conventions, prompt engineering standards, and resource manipulation patterns, which is essential for development and extension of Postman API functionalities within this server.

Design Justification

The adoption of an MCP wrapper for Postman capabilities is most beneficial for intricate, sequential tasks demanding high structural integrity and operational safety. Conversely, simple, singular operations might be more efficiently handled via direct CLI or native API calls. The MCP layer yields maximal utility in scenarios such as:

  1. Complex Orchestrations
  2. Managing numerous collections concurrently
  3. Synchronizing disparate environments

  4. Producing expansive operational reports

  5. Automated Workflows Driven by AI

  6. Establishing automated regression testing pipelines
  7. Maintaining API documentation integrity

  8. Dynamic environment provisioning

  9. Operations Requiring High Stability

  10. Testing mission-critical APIs
  11. Deployments affecting live production systems
  12. Compliance auditing functions

Its diminished utility is observed in:

  1. Simple Procedures
  2. Executing basic collection tests
  3. Single, isolated API queries
  4. Rapid environmental verification
  5. Direct Developer Interaction
  6. Operations initiated by developers
  7. Localized testing procedures
  8. Iterative, rapid prototyping

Development

Install prerequisites: bash pnpm install

Compile the service: bash pnpm run build

For development, enable continuous rebuilding: bash pnpm run watch

Troubleshooting

Debugging inter-process communication over stdio (used by MCP servers) can be difficult. We advise utilizing the MCP Inspector, accessible via a package script:

bash pnpm run inspector

Documentation

The Inspector will provide a local URL (e.g., http://localhost:5173) for browser-based inspection tools. Ensure the POSTMAN_API_KEY is configured prior to connecting. Navigate to the "Tools" section to commence diagnostics.

Licensure

This codebase is distributed under the terms of the MIT License. Details are provided in the LICENSE file.

WIKIPEDIA: XMLHttpRequest (XHR) is an API in the form of a JavaScript object whose methods transmit HTTP requests from a web browser to a web server. The methods allow a browser-based application to send requests to the server after page loading is complete, and receive information back. XMLHttpRequest is a component of Ajax programming. Prior to Ajax, hyperlinks and form submissions were the primary mechanisms for interacting with the server, often replacing the current page with another one.

== History == The concept behind XMLHttpRequest was conceived in 2000 by the developers of Microsoft Outlook. The concept was then implemented within the Internet Explorer 5 browser (1999). However, the original syntax did not use the XMLHttpRequest identifier. Instead, the developers used the identifiers ActiveXObject("Msxml2.XMLHTTP") and ActiveXObject("Microsoft.XMLHTTP"). As of Internet Explorer 7 (2006), all browsers support the XMLHttpRequest identifier. The XMLHttpRequest identifier is now the de facto standard in all the major browsers, including Mozilla's Gecko layout engine (2002), Safari 1.2 (2004) and Opera 8.0 (2005).

=== Standards === The World Wide Web Consortium (W3C) published a Working Draft specification for the XMLHttpRequest object on April 5, 2006. On February 25, 2008, the W3C published the Working Draft Level 2 specification. Level 2 added methods to monitor event progress, allow cross-site requests, and handle byte streams. At the end of 2011, the Level 2 specification was absorbed into the original specification. At the end of 2012, the WHATWG took over development and maintains a living document using Web IDL.

== Usage == Generally, sending a request with XMLHttpRequest has several programming steps.

Create an XMLHttpRequest object by calling a constructor: Call the "open" method to specify the request type, identify the relevant resource, and select synchronous or asynchronous operation: For an asynchronous request, set a listener that will be notified when the request's state changes: Initiate the request by calling the "send" method: Respond to state changes in the event listener. If the server sends response data, by default it is captured in the "responseText" property. When the object stops processing the response, it changes to state 4, the "done" state. Aside from these general steps, XMLHttpRequest has many options to control how the request is sent and how the response is processed. Custom header fields can be added to the request to indicate how the server should fulfill it, and data can be uploaded to the server by providing it in the "send" call. The response can be parsed from the JSON format into a readily usable JavaScript object, or processed gradually as it arrives rather than waiting for the entire text. The request can be aborted prematurely or set to fail if not completed in a specified amount of time.

== Cross-domain requests ==

In the early development of the World Wide Web, it was found possible to brea

See Also

Postman
Postman PNG Icons
← Back to Apis And Http Requests🙏  Credits & Acknowledgments
`