{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"Using the Hyperproof Postman collection","description":"Hyperproof developer resources for custom integrations.","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"using-the-hyperproof-postman-collection","__idx":0},"children":["Using the Hyperproof Postman collection"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The Hyperproof Postman collection provides a ready-to-use set of pre-built API requests for every endpoint in the Hyperproof API. It's a convenient way to explore and test the API without writing any code."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"downloading-the-collection","__idx":1},"children":["Downloading the collection"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Download the collection JSON file from here ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/hyperproof-postman-collection.json","download":"hyperproof-postman-collection.json"},"children":["Hyperproof Postman Collection"]},". The file is named ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["hyperproof-postman-collection.json"]},"."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"importing-into-postman","__idx":2},"children":["Importing into Postman"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Open Postman."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Import"]}," in the top-left corner."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["File"]}," and choose the downloaded ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["hyperproof-postman-collection.json"]}," file."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Import"]}," to confirm."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Once imported, the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Hyperproof API"]}," collection will appear in your Collections panel, with requests organized by resource type (Controls, Issues, Users, etc.)."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"configuring-collection-variables","__idx":3},"children":["Configuring collection variables"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The collection uses variables for the base URL and authentication credentials so you don't need to edit individual requests. To set them:"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["In the Collections panel, click the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Hyperproof API"]}," collection name."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Select the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Variables"]}," tab."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Fill in the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Current Value"]}," column for each variable:"]}]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Variable"},"children":["Variable"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["base_url"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Pre-set to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.hyperproof.app/v1"]},". Change this only if directed by Hyperproof support."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Your API client ID."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Your API client secret."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["access_token"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Leave blank for now — you'll populate this after authenticating."]}]}]}]}]},{"$$mdtype":"Tag","name":"ol","attributes":{"start":4},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Save"]},"."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To obtain a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]},", you must first create an API client in your Hyperproof organization. Refer to ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://developer.hyperproof.app/hyperproof-api/api-002-oauth-client-credentials-flow"},"children":["OAuth client credentials flow"]}," for instructions."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"obtaining-an-access-token","__idx":4},"children":["Obtaining an access token"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The collection includes a pre-built ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get OAuth Access Token"]}," request in the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Authentication"]}," folder."]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["In the collection, open the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Authentication"]}," folder and select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get OAuth Access Token"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Confirm the request body is pre-filled with ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["{{client_id}}"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["{{client_secret}}"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Send"]},"."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["If successful, the response will contain an ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["access_token"]},":"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"json","header":{"controls":{"copy":{}}},"source":"{\n  \"access_token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\",\n  \"token_type\": \"bearer\",\n  \"expires_in\": 3600\n}\n","lang":"json"},"children":[]},{"$$mdtype":"Tag","name":"ol","attributes":{"start":4},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Check that the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["access_token"]}," variable is now populated."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["All requests in the collection will now include this token automatically via the collection-level Bearer auth setting."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"making-your-first-request","__idx":5},"children":["Making your first request"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Open any resource folder, for example ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Controls"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Controls"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Send"]},"."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["A successful response returns a JSON array of controls from your organization."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"notes-and-tips","__idx":6},"children":["Notes and tips"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Access tokens expire after one hour. If you receive a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["401 Unauthorized"]}," response, repeat the steps in ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"#obtaining-an-access-token"},"children":["Obtaining an access token"]}," to get a fresh token."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Path parameters such as ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["controlId"]}," or ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["issueId"]}," appear as ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":[":controlId"]}," in the request URL. Replace these with actual IDs before sending."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Query parameters are included in each request but disabled by default. Enable and fill them in as needed using the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Params"]}," tab."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Never commit or share your ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," or ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["access_token"]},". Treat them with the same care as a password."]}]}]},"headings":[{"value":"Using the Hyperproof Postman collection","id":"using-the-hyperproof-postman-collection","depth":1},{"value":"Downloading the collection","id":"downloading-the-collection","depth":2},{"value":"Importing into Postman","id":"importing-into-postman","depth":2},{"value":"Configuring collection variables","id":"configuring-collection-variables","depth":2},{"value":"Obtaining an access token","id":"obtaining-an-access-token","depth":2},{"value":"Making your first request","id":"making-your-first-request","depth":2},{"value":"Notes and tips","id":"notes-and-tips","depth":2}],"frontmatter":{"seo":{"title":"Using the Hyperproof Postman collection"}},"lastModified":"2026-04-02T19:31:28.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/hyperproof-api/api-008-postman-collection","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}