Test the API with Postman

Audience Developers who prefer a point-and-click workflow—send, inspect, iterate—directly from Postman without navigating Swagger-UI or writing cURL scripts.

1 · Prerequisites

Requirement	Minimum Version	Notes
Postman Desktop	10.21	Native application strongly recommended.
ANKASecure Collection	2.0	Download below.
ANKASecure Environment	1.0	Download below.

2 · Download

Artifact	Path within docs	SHA-256
Collection (JSON)	`ankasecure-v2.postman_collection.json`	`ankasecure-v2.postman_collection.json.sha256`
Environment (JSON)	`ankasecure-env.json`	`935536adaf30e3bcf4c38cb7e2100b42ad56cd002e3e2bb33192036806c05318`

Download both files to a local folder.
Integrity can be verified with shasum -a 256 <file>.

3 · Import into Postman

File → Import → Upload Files → select the collection and the environment.
Confirm that the “AnkaSecure Environment” is active (drop-down in the top-right corner).
The collection sidebar now shows three root folders:
Key Management
Secure Operations
Secure Streaming

Each folder maps exactly to the tags defined in the OpenAPI specification.

4 · Configure Environment Variables

Variable	Default	Description
`host`	`demo.ankatech.co`	DNS name or IP of your AnkaSecure server.
`port`	`443`	Listener port.
`baseUrl`	auto-derived	`${protocol}://${host}:${port}`
`token`	(empty)	Runtime JWT acquired in step 5.

Update host/port if you are targeting an on-premise or staging instance.
Do not edit baseUrl; a pre-request script derives it on every call.

5 · Authenticate

Expand Authentication folder.
Open POST /auth/login request.
In the Body › JSON tab, provide valid credentials:

   {
     "clientId": "<your-client-id>",
     "clientSecret": "<your-client-secret>"
   }

Click Send.
On success (200 OK) a pre-request script extracts access_token and assigns it to the token environment variable. All subsequent requests automatically inject

Authorization: Bearer {{token}}

in the header.

Troubleshooting

If token remains empty, open the "Tests" tab of POST /auth/login and verify that pm.environment.set('token', ...) is executed.

6 - Run Your First Flow

Open the Quick-Start folder and click ▶ Run collection.

Step	Request	Expected Status
① Generate Key	`POST /api/key-management/keys`	`201 Created`
② Encrypt Data	`POST /api/crypto/encrypt`	`200 OK`
③ Decrypt Data	`POST /api/crypto/decrypt`	`200 OK`

The Collection Runner displays pass/fail and aggregated timings. All assertions are implemented in the "Tests" tab of each request and use Chai expectations.

7 - Streaming Operations

For large files or streaming use-cases:

Select any request under Secure Streaming.
In the Body › form-data tab, retain the two parts:
- metadata → application/json
- file → File (choose file dialog)

Pre-request scripts hash the payload to enforce the 5 MB limit defined by the API; exceeding the limit fails fast with Payload Too Large.

8 - Mapping to Swagger-UI

Collection folders and request names correspond one-to-one with tags and operationIds in Swagger-UI.\ When you need deep schema details, click "Swagger UI" in the sidebar or navigate to /api_reference/swagger.md.

9 - Support

General assistance → [email protected] (Response SLA: 1 business day).

Change Log

Version	Date	Notes
2.3.0	2025-08-29	Updated release aligned with OpenAPI 3.0.
2.0.1	2025-06-21	Public release aligned with OpenAPI 3.0.