Postman is where most API development happens. Teams build their APIs, write their test collections, and use Postman for manual testing during development. What many teams don't realize is that Postman Collections can become the foundation of continuous API monitoring through Postman's Monitor feature — or be exported and run as part of a broader monitoring strategy alongside dedicated uptime monitoring tools.
Postman Monitors vs Dedicated API Monitoring
Before diving in, understand what Postman Monitors do and where they fit:
| Capability | Postman Monitors | Dedicated Tools (AzMonitor) | |---|---|---| | Collection-based tests | Excellent | Limited | | Multi-step API flows | Excellent | Good | | Pre-built test scripts | Excellent | Basic | | Global monitoring locations | Limited (paid tiers) | Multiple regions | | Check interval | 5 minutes minimum | 30 seconds | | SSL monitoring | No | Yes | | Status pages | No | Yes | | Alert routing | Basic | Advanced (PagerDuty, Slack, SMS) | | External URL monitoring | Limited to API tests | Yes | | Maintenance windows | No | Yes |
Both tools serve different purposes. Postman excels at API correctness testing with its collection framework. Dedicated monitoring tools excel at availability monitoring, alerting infrastructure, and status management. The best approach uses both.
Setting Up Postman API Tests
First, build comprehensive test scripts in your Postman collection:
// Postman Test Script - User API
// Put this in the "Tests" tab of your request
// 1. Status code check
pm.test("Status code is 200", function() {
pm.response.to.have.status(200);
});
// 2. Response time check
pm.test("Response time < 1000ms", function() {
pm.expect(pm.response.responseTime).to.be.below(1000);
});
// 3. Content type check
pm.test("Content-Type is JSON", function() {
pm.expect(pm.response.headers.get("Content-Type")).to.include("application/json");
});
// 4. Response body structure
pm.test("Response has required fields", function() {
const body = pm.response.json();
pm.expect(body).to.have.property("id");
pm.expect(body).to.have.property("email");
pm.expect(body).to.have.property("created_at");
pm.expect(body.id).to.be.a("string");
pm.expect(body.email).to.match(/^[^\s@]+@[^\s@]+\.[^\s@]+$/);
});
// 5. Business logic validation
pm.test("User is active", function() {
const body = pm.response.json();
pm.expect(body.status).to.equal("active");
});
// 6. Store values for next request in chain
pm.environment.set("user_id", pm.response.json().id);
pm.environment.set("user_email", pm.response.json().email);
Building a Monitoring Collection
Create a dedicated collection for monitoring with test scenarios:
{
"info": {
"name": "Production API Monitoring",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Health Checks",
"item": [
{
"name": "API Health",
"request": {
"method": "GET",
"url": "{{base_url}}/health"
},
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test('API is healthy', function() {",
" pm.response.to.have.status(200);",
" const body = pm.response.json();",
" pm.expect(body.status).to.equal('healthy');",
"});"
]
}
}
]
}
]
},
{
"name": "Authentication Flow",
"item": [
{
"name": "Login",
"request": {
"method": "POST",
"url": "{{base_url}}/auth/login",
"body": {
"raw": "{\"email\": \"{{monitor_email}}\", \"password\": \"{{monitor_password}}\"}"
}
},
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test('Login succeeds', function() {",
" pm.response.to.have.status(200);",
" const body = pm.response.json();",
" pm.expect(body.token).to.be.a('string');",
" pm.environment.set('auth_token', body.token);",
"});"
]
}
}
]
},
{
"name": "Verify Token Works",
"request": {
"method": "GET",
"url": "{{base_url}}/me",
"header": [
{"key": "Authorization", "value": "Bearer {{auth_token}}"}
]
},
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test('Token is valid', function() {",
" pm.response.to.have.status(200);",
" const body = pm.response.json();",
" pm.expect(body.email).to.equal(pm.environment.get('monitor_email'));",
"});"
]
}
}
]
}
]
}
]
}
Running Collections with Newman
Newman is the command-line runner for Postman Collections. Use it to run monitoring tests in CI/CD and cron jobs:
# Install Newman
npm install -g newman
# Run collection with environment
newman run "Production API Monitoring.postman_collection.json" \
--environment "production.postman_environment.json" \
--reporters cli,json \
--reporter-json-export "results.json"
# Run with HTML report
newman run collection.json \
--environment production.env.json \
--reporters cli,htmlextra \
--reporter-htmlextra-export "report.html"
Schedule with cron for continuous monitoring:
# crontab -e
# Run API tests every 5 minutes
*/5 * * * * /usr/local/bin/newman run /opt/monitoring/api-monitoring.json \
--environment /opt/monitoring/production.env.json \
--reporters json \
--reporter-json-export /var/log/api-monitoring/$(date +\%Y\%m\%d_\%H\%M\%S).json \
2>&1 >> /var/log/api-monitoring/newman.log
Parsing Newman Results for Alerting
#!/usr/bin/env python3
# parse-newman-results.py - Alert on test failures
import json
import sys
import requests
from datetime import datetime
def parse_newman_results(results_file):
"""
Parse Newman results and extract failure information.
"""
with open(results_file) as f:
results = json.load(f)
failures = []
for run in results.get("run", {}).get("executions", []):
request_name = run.get("item", {}).get("name", "Unknown")
for assertion in run.get("assertions", []):
if not assertion.get("skipped") and assertion.get("error"):
failures.append({
"request": request_name,
"assertion": assertion.get("assertion", ""),
"error": assertion.get("error", {}).get("message", ""),
"response_time": run.get("response", {}).get("responseTime"),
"status_code": run.get("response", {}).get("code")
})
return {
"total_requests": results["run"]["stats"]["requests"]["total"],
"failed_assertions": len(failures),
"failures": failures,
"run_duration_ms": results["run"]["timings"]["completed"] -
results["run"]["timings"]["started"]
}
def send_alert(failures, webhook_url):
"""Send Slack alert for test failures"""
failure_text = "\n".join([
f"• *{f['request']}*: {f['assertion']} - {f['error']}"
for f in failures["failures"]
])
payload = {
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": "🚨 API Monitor Test Failures"
}
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": f"*{failures['failed_assertions']} test(s) failed*\n{failure_text}"
}
}
]
}
requests.post(webhook_url, json=payload)
if __name__ == "__main__":
results_file = sys.argv[1]
slack_webhook = sys.argv[2]
results = parse_newman_results(results_file)
if results["failed_assertions"] > 0:
send_alert(results, slack_webhook)
sys.exit(1) # Non-zero exit = failure (detected by monitoring)
print(f"All tests passed. Duration: {results['run_duration_ms']}ms")
sys.exit(0)
Integrating Postman Monitoring with External Uptime Tools
The gap Postman doesn't fill: availability monitoring with short check intervals, SSL certificate expiry, multi-region confirmation, and integrated status pages. Use Postman for API correctness; use AzMonitor for availability:
# What AzMonitor monitors (availability layer)
monitors:
- name: "API Base URL"
url: "https://api.example.com/health"
interval: 60 # Every minute
regions: [us-east, eu-west, ap-south]
ssl_expiry: true
- name: "Auth Endpoint"
url: "https://api.example.com/auth/health"
interval: 60
- name: "Core Feature API"
url: "https://api.example.com/v1/core/health"
interval: 60
# What Newman/Postman monitors (correctness layer)
# Run every 5 minutes via cron
postman_monitors:
- collection: "api-correctness-tests.json"
environment: "production.env.json"
schedule: "*/5 * * * *"
alert_on_failure: slack_webhook
Exporting Postman Collections for Other Tools
Your Postman collection can be exported and used in other monitoring contexts:
# Export collection via Postman API
curl -s "https://api.getpostman.com/collections/YOUR_COLLECTION_ID" \
-H "X-Api-Key: ${POSTMAN_API_KEY}" \
> collection.json
# Convert Postman collection to k6 for load testing
npm install -g @apideck/postman-to-k6
postman-to-k6 collection.json -o k6-script.js
# Use with k6 for load testing
k6 run k6-script.js
Postman Environment Management for Monitoring
Use Postman environments to manage monitoring credentials safely:
{
"id": "production-monitoring",
"name": "Production Monitoring",
"values": [
{
"key": "base_url",
"value": "https://api.example.com",
"enabled": true
},
{
"key": "monitor_email",
"value": "monitor@internal.example.com",
"enabled": true
},
{
"key": "monitor_password",
"value": "{{MONITOR_PASSWORD}}",
"enabled": true
}
]
}
Store sensitive values in a secrets manager and inject them at runtime:
# Inject secrets from AWS Secrets Manager into Newman run
MONITOR_PASSWORD=$(aws secretsmanager get-secret-value \
--secret-id "monitoring/api-password" \
--query SecretString --output text)
newman run collection.json \
--environment production.env.json \
--env-var "MONITOR_PASSWORD=${MONITOR_PASSWORD}"
Conclusion
Postman Collections are an excellent foundation for API correctness monitoring — the test scripting capabilities and multi-step flows are hard to replicate in simpler monitoring tools. But Postman Monitors have limitations (check interval, SSL monitoring, alerting sophistication) that make them a complement to, rather than replacement for, dedicated uptime monitoring. Build your API test coverage in Postman, run them continuously with Newman, and use AzMonitor for the availability and infrastructure layer that Postman doesn't cover. The combination gives you both the "is it up?" and "is it working correctly?" visibility that comprehensive API monitoring requires.
3 monitors free forever · No credit card needed · Set up in 2 minutes
Start monitoring free →