How to Set Up Postman for ISC: A Step-by-Step Guide

KranthiKranthi
2 min read

To connect SailPoint Identity Security Cloud (ISC) to Postman, you need to interact with SailPoint’s REST APIs securely using OAuth 2.0 (Client Credentials flow). Here’s a clear, step-by-step guide to get started:

Step 1: Create an API Client in SailPoint ISC

  • Go to your SailPoint ISC Admin Console.

  • Navigate to Admin → API Management → API Clients.

  • Click + New API Client.

  • Fill in:

    • Name: Postman Client (or anything)

    • Client Type: Confidential

    • Client Authentication Type: Client Credentials

  • Select appropriate Scopes (e.g., sp:scopes:all, sp:accounts:read, etc.).

  • Save and copy the Client ID and Client Secret. You’ll need these in Postman.

    Step 2: Get the Token Endpoint URL

  • Go to tenant> Profile > Preferences> Access tokens> select New Token

  • Set respective option »

  • What is this token for?

    Expiration DateSelect an expiration date for the personal access token. The date must be within the next six months and cannot be in the past.

    Scopes : choose respective options like,

    cam:admin:manage

    View or edit Cloud Access Management admin access.

    cam:admin:read

    Grant Cloud Access Manageme and others as per role that you are holding

    Step 3: Configure Postman to Get Access Token

  • Go to extentions>

  • Download the ISC SailPoint Identity Security Cloudv1.3.18 extention developed by yannick

  • Add new tenant and provide required secuirty credentials like tenant access codes, PAT, etc..

  • Download you will clear setp by step process on how to setup your tenant.

    after setup, it will look like this

  • Common errors:

    | Error | Fix | | --- | --- | | 401 Unauthorized | Wrong client secret or missing scopes | | 403 Forbidden | API client lacks permissions for endpoint | | invalid_scope | Add correct scope in API client or token request |

0
Subscribe to my newsletter

Read articles from Kranthi directly inside your inbox. Subscribe to the newsletter, and don't miss out.

sailpoint#IdentitySecurityIAMPostmanAPIsOAuth2cloud securityREST API#cybersecurityIdentity Governance and Administration (IGAAPI TESTING

Written by

Kranthi
Kranthi

👋 Hi, I’m Kranthi Kumar Puttapaka, a Certified SailPoint IAM Engineer with over 5 years of experience in building secure and scalable identity solutions. I help organizations streamline their Identity & Access Management (IAM) processes and strengthen their security posture. I specialize in designing and implementing enterprise-grade IAM systems using technologies like SailPoint IdentityIQ, Identity Security Cloud (ISC), Okta, Azure AD (Entra ID), and CyberArk. My focus areas include identity governance, access lifecycle automation, role-based access control, and Zero Trust security architectures. Over the years, I’ve led multiple SailPoint IIQ to ISC migration projects with zero downtime, developed custom connectors for seamless integrations, and implemented compliance frameworks like SOX, GDPR, HIPAA, and NIST. I also have hands-on experience with cloud platforms such as AWS and Azure, enabling organizations to adopt cloud-native identity governance. On the technical side, I work with Java, JavaScript, Python, and BeanShell for customization and automation. My toolkit includes Spring Boot, Spring Security, Docker, Terraform, and databases like MySQL, Oracle, MongoDB, and LDAP. Here on Hashnode, I write about IAM architecture patterns, SailPoint implementation deep dives, cloud identity strategies, Zero Trust security models, and real-world challenges I’ve solved in Identity Governance. Always excited to connect with fellow IAM professionals and share knowledge about building secure, scalable identity solutions. Let’s make the digital world more secure, one identity at a time!