Postman applies security rules configured for your API requests when you send requests to any API using either the Postman web app or the Postman desktop app. A security warning doesn't mean your API is broken. Instead, it indicates there are potential security risks your API might be vulnerable to. Postman highlights these security warnings and helps you understand their implications and possible ways to fix the warnings.
Enterprise teams can also customize the rules that Postman applies to API requests. For more information, see Configuring API Security rules.
When you send an API request, Postman scans it for potential security risks. If any are found, Postman adds the number of warnings to the Security tab in the response.
To learn about API security warnings and how to hide warnings that aren't relevant to your team, see Viewing security warnings.
For the list of all the security warnings that Postman might show for API requests, see Security warnings in API requests.
Last modified: 2024/07/12