Scan Postman Traffic Through Charles

Sometimes, as a test engineer, you need to go deeper for checking API

Once in my practice I made requests from Postman which responded in an unpredictable way. I suggested that Postman could somehow additionally change the request when sending it. To check this hypothesis I needed to scan Postman traffic and Charles Proxy was the right tool for this task.


Setup Charles for Postman

Fortunately, a free version of Charles is enough to complete our discovery.

Proxy Settings
Charles → Proxy → Proxy Settings

2. Then go to Proxy → SSL Proxying Settings… and check the box Enable SSL Proxying in the «SSL Proxying Settings» window.

SSL Proxying Settings
Charles → Proxy → SSL Proxying Settings

3. Add a new endpoint in the «SSL Proxying Settings» — click [Add] under Include table and fill the fields according to your API:

Edit location
Charles → Proxy → SSL Proxying Settings → SSL Proxying → Edit location

Setup Postman for Charles

Proxy tab
Postman → SETTINGS → Proxy tab

2. Go to the «General» tab and turn off SSL certificate verification.

General tab
Postman → SETTINGS → General tab

Sniff Traffic

Postman’s request
Postman’s request

2. Open Charles. You will see an inspectable request from Postman.

Charles’ Overview
Charles’ Overview
Charles’ Contents
Charles’ Contents

This method will help to debug requests and responses if you doubt about the consistency of headers transmitted by Postman.

It seems that Postman does not add anything extra to the request and cURL is quite consistent to it.

Comparison of requests in Postman and Charles

Do not forget to turn off the proxy settings in Postman when Charles is not running.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Andrey Enin

Quality assurance engineer: I’m testing web applications, APIs and doing automation testing.