How do I install Postman?

Postman supports both local and remote installation. For local use, install it via npm (npx) and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

Is Postman safe to use?

Postman was flagged by MCP Marketplace's security scan, scoring 4.5/10 (high risk). It has 1 high or critical finding to review. Review the security report on this page carefully before installing it.

What credentials does Postman need?

Postman requires the following credentials or environment variables: POSTMAN_API_KEY. You can find setup instructions on the server detail page.

What AI apps work with Postman?

Postman uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Postman MCP Server

by Postmanlabs

Developer ToolsUse Caution4.5MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

A basic MCP server to operate on the Postman API.

About

A basic MCP server to operate on the Postman API.

Remote endpoints: streamable-http: https://mcp.postman.com/mcp streamable-http: https://mcp.postman.com/minimal streamable-http: https://mcp.eu.postman.com/mcp streamable-http: https://mcp.eu.postman.com/minimal

Security Report

4.5

Use Caution4.5High Risk

The Postman MCP Server is a legitimate tool from Postman, Inc. with proper authentication mechanisms and reasonable code structure. It uses OAuth for remote servers and API key auth for local/EU servers, with credentials sourced from environment variables rather than hardcoded. However, the codebase contains some concerns: it accepts and processes user-supplied collection data with complex nested schemas that could be difficult to fully validate, relies on newman (a third-party testing library) for collection execution which could pose risks if untrusted collections are executed, and the code lacks comprehensive input validation for deeply nested collection structures. The permissions align well with the server's stated purpose of managing Postman workspaces and collections. Supply chain analysis found 3 known vulnerabilities in dependencies (1 critical, 0 high severity). Package verification found 1 issue.

4 files analyzed · 9 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

process_spawn

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

A valid Postman API key.Required

Environment variable: POSTMAN_API_KEY

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

Postman MCP Server

The Postman MCP Server connects Postman to AI tools, giving AI agents and assistants the ability to access workspaces, manage collections and environments, evaluate APIs, and automate workflows through natural language interactions. Learn more on the Postman MCP Server product page.

Postman also offers the server as an npm package.

Postman MCP Server collection

The Postman MCP Server collection is the quickest way to explore, test, and connect to the Postman MCP Server. Use it to:

Browse the complete list of available tools across all configurations.
Connect to and test the remote server — Full and Minimal.
Connect to and test the local server.

Tool configurations

Minimal — (Default) Only includes essential tools for basic Postman operations. Ideal for users who want to modify a single Postman element, such as collections, workspaces, or environments.
Code — Includes tools to generate high-quality, well-organized client code from public and internal API definitions. Ideal for users who need to consume APIs or get API context to their agents.
Full — Includes all available Postman API tools (100+ tools). Ideal for users who engage in advanced collaboration and Postman's Enterprise features.

Authentication

For the best developer experience and fastest setup, use OAuth on the remote server (https://mcp.postman.com). OAuth is fully compliant with the MCP Authorization specification and requires no manual API key configuration.

The EU remote server and the local server support only Postman API key authentication.

Quick start

Remote (any OAuth-compatible MCP host):

Add this URL to your MCP host's configuration:

https://mcp.postman.com/minimal

Change /minimal to /code or /mcp for Code or Full mode. For EU or API key auth, pass Authorization: Bearer <POSTMAN_API_KEY> as a header.

Local:

npx @postman/postman-mcp-server

Add --code or --full for Code or Full mode. Set POSTMAN_API_KEY as an environment variable.

For IDE-specific setup instructions, see the table below. For more information, see the Postman MCP Server docs.

Supported agents and IDEs

Agent / IDE	Remote	Local
Claude Code	Docs	Docs
Claude Desktop	—	Docs
Cursor	Docs	Docs
VS Code	Docs	Docs
Codex	Docs	Docs
Windsurf	Docs	Docs
Antigravity	Docs	Docs
GitHub Copilot CLI	Docs	Docs
Gemini CLI	Docs	Docs
Kiro	Docs	Docs
Docker	—	Docs

EU support

The Postman MCP Server supports the EU region for remote and local servers:

For streamable HTTP, the remote server is available at https://mcp.eu.postman.com/mcp (Full), https://mcp.eu.postman.com/code, and https://mcp.eu.postman.com/minimal.
For the STDIO public package, use the --region eu flag, or set the POSTMAN_API_BASE_URL environment variable directly.
OAuth isn't supported for the EU server. The EU remote server only supports API key authentication.

Use cases

API Testing — Continuously test your API using your Postman collection. Use the local server to test local APIs, as the remote server won't have network access to your workstation.
Code synchronization — Keep your code in sync with your Postman Collections and specs.
Collection management — Create and tag collections, update documentation, add comments, or perform actions across multiple collections without leaving your editor.
Workspace and environment management — Create workspaces and environments, plus manage environment variables.
Automatic spec creation — Create specs from your code and use them to generate collections.
Client code generation — Generate production-ready client code that consumes APIs following best practices and project conventions.

Docker

For Docker setup and installation, see DOCKER.md.

Questions and support

See Add your MCP requests to your collections to learn how to use Postman to perform MCP requests.
Visit the Postman Community to share what you've built, ask questions, and get help.
You can connect to both the remote and local servers and test them using the Postman MCP Server collection.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Postman MCP Server

About

Security Report

Findings (9)Action required

Permissions Required

What You'll Need

How to Install & Connect

Documentation

Postman MCP Server

Postman MCP Server collection

Tool configurations

Authentication

Quick start

Supported agents and IDEs

EU support

Use cases

Docker

Questions and support

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Git

Toleno

mcp-creator-python

MarkItDown

FinAgent