How to Set Up Postman for ISC: A Step-by-Step Guide

To connect SailPoint Identity Security Cloud (ISC) to Postman, you need to interact with SailPoint’s REST APIs securely using OAuth 2.0 (Client Credentials flow). Here’s a clear, step-by-step guide to get started:
Step 1: Create an API Client in SailPoint ISC
Go to your SailPoint ISC Admin Console.
Navigate to Admin → API Management → API Clients.
Click + New API Client.
Fill in:
Name:
Postman Client
(or anything)Client Type:
Confidential
Client Authentication Type:
Client Credentials
Select appropriate Scopes (e.g.,
sp:scopes:all
,sp:accounts:read
, etc.).Save and copy the
Client ID
andClient Secret
. You’ll need these in Postman.Step 2: Get the Token Endpoint URL
Go to tenant> Profile > Preferences> Access tokens> select New Token
Set respective option »
What is this token for?
Expiration DateSelect an expiration date for the personal access token. The date must be within the next six months and cannot be in the past.
Scopes : choose respective options like,
cam:admin:manage
View or edit Cloud Access Management admin access.
cam:admin:read
Grant Cloud Access Manageme and others as per role that you are holding
Step 3: Configure Postman to Get Access Token
Go to extentions>
Download the ISC SailPoint Identity Security Cloud
v1.3.18
extention developed by yannickAdd new tenant and provide required secuirty credentials like tenant access codes, PAT, etc..
Download you will clear setp by step process on how to setup your tenant.
after setup, it will look like this
Common errors:
| Error | Fix | | --- | --- | |
401 Unauthorized
| Wrong client secret or missing scopes | |403 Forbidden
| API client lacks permissions for endpoint | |invalid_scope
| Add correct scope in API client or token request |
Subscribe to my newsletter
Read articles from Kranthi directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Kranthi
Kranthi
👋 Hi, I’m Kranthi Kumar Puttapaka, a Certified SailPoint IAM Engineer with over 5 years of experience in building secure and scalable identity solutions. I help organizations streamline their Identity & Access Management (IAM) processes and strengthen their security posture. I specialize in designing and implementing enterprise-grade IAM systems using technologies like SailPoint IdentityIQ, Identity Security Cloud (ISC), Okta, Azure AD (Entra ID), and CyberArk. My focus areas include identity governance, access lifecycle automation, role-based access control, and Zero Trust security architectures. Over the years, I’ve led multiple SailPoint IIQ to ISC migration projects with zero downtime, developed custom connectors for seamless integrations, and implemented compliance frameworks like SOX, GDPR, HIPAA, and NIST. I also have hands-on experience with cloud platforms such as AWS and Azure, enabling organizations to adopt cloud-native identity governance. On the technical side, I work with Java, JavaScript, Python, and BeanShell for customization and automation. My toolkit includes Spring Boot, Spring Security, Docker, Terraform, and databases like MySQL, Oracle, MongoDB, and LDAP. Here on Hashnode, I write about IAM architecture patterns, SailPoint implementation deep dives, cloud identity strategies, Zero Trust security models, and real-world challenges I’ve solved in Identity Governance. Always excited to connect with fellow IAM professionals and share knowledge about building secure, scalable identity solutions. Let’s make the digital world more secure, one identity at a time!