Postman brings order to chaos at BetterCloud

Every day, thousands of customers rely on BetterCloud to centralize data and controls, surface operational intelligence, enforce complex security policies, and delegate custom administrator privileges across SaaS applications.

BetterCloud is the first SaaS application management and security platform, enabling IT to centralize, orchestrate, and operationalize day-to-day administration and control for SaaS applications. BetterCloud is headquartered in New York City with an engineering office in Atlanta, GA. Since using Postman Pro, the engineering team works faster and communicates more efficiently. QA and DevOps can sync collections to get the latest endpoints and examples to support non-production and production environments. Even non-technical team members use Postman Pro to learn about REST APIs, explore data, and support debugging. Let’s take a closer look.

Better organization

Before Postman, BetterCloud struggled with organizing API documentation and endpoints. To remedy this situation, BetterCloud teams use the Team Library to organize their API infrastructure, API documentation, workflows, and test suites more easily.

Each team at BetterCloud owns at least one collection for each major feature. Each collection contains requests that are organized by microservice. Team members can share collections and environment templates, and see the activity feed in the Team Library. Sharing collections provides structure and common organization, which makes locating and trying out endpoints easy. It also keeps all teams up to date with the latest endpoint contracts. Now the BetterCloud team no longer needs to search through various documents and spreadsheets to find information about APIs.  Nor do they have to manage unwieldy existing or new API endpoints. The Team Library is the single source of truth about their APIs. It lets them see the state of their APIs in real time, or review historical versions and the latest updates.

More secure API development

BetterCloud takes security seriously. It's important to ensure secrets stay secret. Leaking passwords, authorization tokens, or API keys can lead to a security nightmare. They use environments to save secrets locally and reference them in synced collections, endpoints, and scripts. Environments are a group of key value pairs that are referenced while sending requests or running scripts. Multiple environments can be setup to represent different deployed and development environments. The pairs are scoped to a named environment, but Postman also provides a global context for parameters that do not change across environments. Developers and testers use environments to “change” multiple parameters at the same time.

Easier authentication

Engineers at BetterCloud use pre-request scripts to apply HMAC headers. Pre-request scripts are JavaScript snippets that run before a request is sent. For example, BetterCloud developers add generated headers, such as timestamps, or calculate and apply HMAC headers. Since timestamps are part of their HMAC hash, Postman Pro calculates and applies the hash, signature, and signed headers as request headers.

Author: belinda

A technical communicator.