Data Privacy while using API tools

4 points by 11shyam11 ↗ HN
What’s the best Postman alternative if privacy is a concern — Postmate Client vs. Thunder Client?

10 comments

[ 243 ms ] story [ 1152 ms ] thread
Your questions is rather general. But a try: "What’s the best Postman alternative if privacy is a concern — Postmate Client vs. Thunder Client?"

- Always use a local client (100%) that you fully control. - Be aware tat many providers have advanced finger printing techniques. So reaching out to a remote API is always a severe privacy risks! At least when you make an API call from you 'own' computer/home/work to an API-service. - Most 'tools' for making API tools use telemetry. If you use a tool within a IDE that uses Telemetry you could be harmed twice. (E.g. VSCode with Thunder Client)

It depends on what you mean by "privacy."There are at least three separate concerns: Does the client send telemetry? Does it sync your collections or API definitions to a cloud service? Do your API requests transit through a third-party server, or are they sent directly from your machine?

Those matter much more than whether the client is Postman, Thunder Client, or something else.

i fully trust openrouter zdr and distillable parameters, i said a lot of controversial things, and there no cop round up my doorsteps
Bruno è una scelta solida se il punto è "nessuna telemetria, nessun sync cloud" — è open source e le request restano locali per design, a differenza di Postman che sincronizza tutto sul loro cloud di default.
This is a well-organized starter template for AI backend work. Explicit rules against hardcoding private API keys are a vital security design choice for any public LLM tooling repository