Intro
Integrating Drata's compliance automation tool can significantly streamline your compliance processes. This tutorial will guide you through utilising Drata's APIs with Postman. We'll cover importing the Drata Postman collection, setting an environment and making an API call.
We won't cover first time installation of Postman or Drata, this doc will assume a basic understanding of the two.
Getting started
Importing Postman Collection
We need to download the Drata Postman Collection
and following the documentation on Drata, to import the collection into Postman.
Click Import, select the swagger.json file you just downloaded, next make sure we click View Import Settings
Under Folder organization click the drop down and select Tags (the default is likely set to Paths
Creating a new Postman Environment
Create a new environment in Postman
On the left hand navigation, select Environments, and at the top click + the plus
Add two new Variables
baseUrl
bearerToken
For the baseUrl, set the value depending on the location of your Drata instance (reference documentation)
Creating our Drata API token
We need to generate an API token within Drata and update the bearerToken in the Postman environment.
To do this, login to Drata and click your name at the bottom left corner and then click Settings
Click API Keys
Then we need to Create API Key
Follow the details on screen, including a Name, expiration and the scopes required.
Best practice is to limit the time of the token for how long you need it, limiting certain IP addresses to use the token and limiting the scope to what you need.
Take the API Key you are given and update the bearerToken value in the Postman environment. Don't forget to click Save for the Enviornment
It should now look something like:
Let's run a request!
Go to the collection, and let's run a basic request. Expand Drata API Documentation > Personnel and select Get personnel by id
Update the :id with a personnel ID (1 should be fine)
If you want to check what the id should be set to, you can open up the Drata app, go to Personnel and open the user, you'll find their ID in the URL bar.
Make sure we have selected an Environment within Postman (top right corner) and click Send
🚀 Congratulations, we have now made an API call to Drata using Postman
Recap
We have successfully setup the Drata Postman collection and are now able to make Postman requests against the Drata API.
What features of the Drata API would you like to know more about or see examples of?
Top comments (0)