How to add Postmancer to Windsurf
A standalone MCP server for API testing and management — let AI assistants call REST APIs in natural language. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 14, 2026 · 28★ · stdio · no auth
Windsurf config for Postmancer
npm install -g postmancer{
"mcpServers": {
"postmancer": {
"command": "npx",
"args": [
"-y",
"postmancer"
],
"env": {
"LOG_LEVEL": "info"
}
}
}
}Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the Postmancer config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5Postmancer's tools become available to Cascade.
Before you start
- Node.js with npm/npx (to run the package), or Docker
- A REST API to test against
What Postmancer can do in Windsurf
http_requestSend HTTP requests to any URL.
list_collectionsView all your saved API collections.
list_requestsView all requests in a collection.
save_requestSave a request to a collection.
request_from_collectionExecute a saved request from a collection.
set_environment_variableSet variables for request templates.
get_environment_variablesView all environment variables.
Security
For production environments it is strongly recommended to set the encryption keys (POSTMANCER_ENCRYPTION_KEY for credentials/tokens, ENCRYPTION_KEY for secret environment variables) rather than using the defaults. If unset, a random key is generated for POSTMANCER_ENCRYPTION_KEY and a default key is used for ENCRYPTION_KEY.
Postmancer + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the Postmancer config there under the "mcpServers" key and restart the client.
Is Postmancer safe to use with Windsurf?
For production environments it is strongly recommended to set the encryption keys (POSTMANCER_ENCRYPTION_KEY for credentials/tokens, ENCRYPTION_KEY for secret environment variables) rather than using the defaults. If unset, a random key is generated for POSTMANCER_ENCRYPTION_KEY and a default key is used for ENCRYPTION_KEY.
How do I run Postmancer?
Install it globally with `npm install -g postmancer` or run it directly via `npx postmancer`. A Docker image is also available.
Where are collections stored?
By default in `~/.postmancer`. You can change this with the `COLLECTIONS_PATH` environment variable.
How are credentials kept secure?
Credentials and tokens are encrypted using `POSTMANCER_ENCRYPTION_KEY`, and secret environment variables using `ENCRYPTION_KEY`. Setting these keys explicitly is strongly recommended in production.