![]() The result is a great looking web page with all the API calls, docs and sample requests and responses in one place. This turns Postman from a personal #API utility to full-blown public interactive API documentation. You can publish a collection and easily share it with a URL. Then you can add Markdown content to the entire collection, a folder of related methods, and/or every API method to explain how the APIs work. This makes it possible to use Postman for one-off API tasks instead of writing code. This allows you to parameterize things like username, password and workspace_name so a user can fill their own values in before making an API call. You can generalize a collection with “collection variables”. Over time you can build up a set of requests and organize them into a “Postman Collection”. You download the desktop app, and build API requests by URL and payload. Postman is an “API development environment”. For the API reference doc we are using Postman. A public API is only as good as its #documentation. This will become clear later on.We just launched the Segment Config API (try it out for yourself here) - a set of public REST APIs that enable you to manage your Segment configuration. Note: SYM_Link and SYM_ResourceGroup are essentially the same thing, but are defined separately for the purpose of discussion. Secret derived from password using SLT_Enc Secret derived from password using SLT_Auth_1 Salt for PBKDF2 of password for encryption Request, Workspace, etc.)Ī group of M_Resource that can be shared as oneĪ relationship linking a M_Account to M_ResourceGroup Data ModelĪn entity that can be synced (eg. Here are definitions for the common things that will be talked about. Please take the usual precautions to keep your local data safe. It is still possible for malicious software to access the application data stored on your machine. E2EE only applies to data that is transmitted over the network. Insomnia currently stores application data on disk in raw form. However, both id and name of each resource are attached in plaintext before uploading. Unencrypted Fieldsīy default, resources within the application are fully encrypted before being sent to the server. You can change your password but you need a copy of your old one to do so. If you lose your password there is no way to access your data, and there is nothing Insomnia can do to help apart from resetting your account. Losing your password means losing the ability to decrypt your account keys. Encryption algorithms we useĪll data is encrypted using randomly generated 256 bit symmetric keys for use with AES-GCM-256 (Galois Counter Mode). ![]() You can rest assured that your data is safe on your machine. This means that neither Insomnia, network spies, or server hackers can gain access to your sensitive data. Insomnia never sends unencrypted data or keys that can be used to decrypt data to the server. At no point in the sync process can the Insomnia servers, or an intruder read or access sensitive application data. What End-To-End encryption meansĮ2EE means that all encryption keys are generated locally, all encryption is performed before sending any data over the network, and all decryption is performed after receiving data from the network. If you read anything in this document, it should be this section. This section gives a high level overview of Insomnia paid plans security. If you find that any part of this document is incorrect, missing, or wrong, please don’t hesitate to reach out. Insomnia believes that it is your right to know how your sensitive data is transported and handled, so this document is an effort to explain exactly how it works. Simply sign into your account and your data will be there, seamlessly synced across all of your (and optionally your teams’) devices. ![]() When signing up for Insomnia Sync, you gain access to end-to-end encrypted data sync.
0 Comments
Leave a Reply. |