Thoughts on the Bruno API client

I’m a long-time user of Postman for testing and documenting HTTP services/APIs. In general it’s a convenient tool, but it’s not perfect, and some of the drawbacks are an intentional result of the developers’ business model and therefore unlikely to be fixed. For example, collections can be imported and exported as files, but it’s a very manual process and the file format is not well-suited to diff and code review workflows; the intended means of sharing is Postman’s own cloud sync and team workspace functionality.

In short, I’m interested in alternatives.

One such alternative that came to my attention is Bruno, and I recently gave it a go.

Positive impressions:

• Offline-only - no faff with accounts or cloud sync needed, although there are some paid features which presumably would require an account.
• Collections are stored in a sensible file and folder structure, which is easy to diff. The files are in a bespoke domain-specific language called Bru which could be considered a drawback. There’s an interesting discussion on GitHub on why the developers felt this was justified.
• It’s easy to set up multiple environments with variables, including secret variables that aren’t saved in the collection files. Secret variables can either be set from a .env file (which would be excluded from version control) or through the UI.
• It mostly works as you’d expect from a Postman-like tool, with a very familiar workflow that I was able to get started with immediately.
• You can set variables and headers at all hierarchy levels - collection, folder and request, with sensible inheritance. This is decent selling point over Postman.

Less positive impressions:

• The OAuth implementation is was (see below) seriously lacking. It requires custom scripting to wrangle tokens around, and it doesn’t refresh tokens automatically - Postman does this (assuming it has a refresh token and you give it the necessary config) and it’s really quite nice. The Bruno team are actively working on a new OAuth implementation that should fix at least some of the pain here.

  • The new OAuth implementation has been released in the last couple of days as of this writing, after my testing and initial notes. I haven’t tried the new workflow, but based on the announcement post all of my concerns seem to have been addressed 👍.

• I managed to make the app crash by directly updating some of the collection files while the UI was open. This could easily happen if you store the files in version control and change branch or pull. I was able to make some changes without issue, so I suspect I just got (un)lucky and that there are just a few critical files/values that cause this. This has the feel of a very fixable bug; I wouldn’t be surprised if this has already been addressed.

To summarise, I would really recommend trying Bruno.