Scan Postman Traffic Through Charles

Sometimes, as a test engineer, you need to go deeper for checking API

Once in my practice I made requests from Postman which responded in an unpredictable way. I suggested that Postman could somehow additionally change the request when sending it. To check this hypothesis I needed to scan Postman traffic and Charles Proxy was the right tool for this task.


Setup Charles for Postman

Fortunately, a free version of Charles is enough to complete our discovery.

  1. Go to Proxy → Proxy Settings… and fill the field HTTP Proxy = 8888 and check the box Support HTTP/2 in the «Proxy Settings» window.

2. Then go to Proxy → SSL Proxying Settings… and check the box Enable SSL Proxying in the «SSL Proxying Settings» window.

3. Add a new endpoint in the «SSL Proxying Settings» — click [Add] under Include table and fill the fields according to your API:

  • Host =
  • Port = 443

Setup Postman for Charles

  1. Go to SETTINGS → «Proxy» tab and check: Add a custom proxy configuration, HTTP and HTTPS boxes. Fill the field Proxy Server = (port should be the same as in Charles).

2. Go to the «General» tab and turn off SSL certificate verification.

Sniff Traffic

  1. Send a GET request in Postman (Charles should be started too). If the settings are made correctly, you will receive a response.

2. Open Charles. You will see an inspectable request from Postman.

This method will help to debug requests and responses if you doubt about the consistency of headers transmitted by Postman.

It seems that Postman does not add anything extra to the request and cURL is quite consistent to it.

Do not forget to turn off the proxy settings in Postman when Charles is not running.

Quality assurance engineer