Rostyman Collection Format

Rostyman uses its own JSON-based .rostyman format for exporting and importing collections. This format captures everything in a single file: requests, folders, variables, environments, auth, scripts, and examples.

Overview

Property	Value
File extension	`.rostyman` or `.json`
MIME type	`application/json`
Encoding	UTF-8
Version	`1.0`

Top-Level Structure

{
  "_type": "rostyman_collection",
  "_version": "1.0",
  "info": {
    "name": "My API Collection",
    "description": "Optional description",
    "exportedAt": "2026-03-25T12:00:00.000Z",
    "exportedFrom": "Rostyman 0.1.0-beta.9"
  },
  "auth": { ... },
  "preScript": "// runs before every request",
  "testScript": "// runs after every response",
  "variables": [ ... ],
  "environments": [ ... ],
  "items": [ ... ]
}

Required Fields

_type — must be "rostyman_collection"
_version — format version (currently "1.0")
info.name — collection name

Optional Fields

info.description — collection description
info.exportedAt — ISO 8601 timestamp
info.exportedFrom — Rostyman version that created the file
auth — collection-level authentication
preScript — JavaScript that runs before all requests
testScript — JavaScript that runs after all responses
variables — collection-scoped variables
environments — named variable sets
items — folders and requests (recursive tree)

Items (Requests & Folders)

Items form a recursive tree. Each item is either a request or a folder.

Request

{
  "type": "request",
  "name": "Get Users",
  "description": "Fetch paginated user list",
  "method": "GET",
  "url": "{{baseUrl}}/api/users",
  "params": [
    { "key": "page", "value": "1", "enabled": true, "description": "Page number" },
    { "key": "limit", "value": "20", "enabled": true, "description": "" }
  ],
  "headers": [
    { "key": "Accept", "value": "application/json", "enabled": true, "description": "" }
  ],
  "body": {
    "mode": "none"
  },
  "auth": { "type": "inherit" },
  "preScript": "",
  "testScript": "rm.test('Status is 200', () => rm.expect(rm.response.code).to.equal(200));",
  "examples": []
}

Supported methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS

Folder

{
  "type": "folder",
  "name": "Users",
  "description": "User management endpoints",
  "items": [
    { "type": "request", "name": "Get Users", ... },
    { "type": "folder", "name": "Admin", "items": [ ... ] }
  ]
}

Folders can nest to any depth.

Body

{
  "mode": "raw",
  "raw": "{ \"name\": \"John\" }",
  "language": "json"
}

Mode	Fields	Description
`none`	—	No body
`raw`	`raw`, `language`	Raw text body
`formdata`	`formdata[]`	Multipart form data
`urlencoded`	`urlencoded[]`	URL-encoded form
`graphql`	`graphql.query`, `graphql.variables`	GraphQL query

Raw languages: json, xml, html, text, javascript, graphql

Form Data / URL-Encoded

{
  "mode": "formdata",
  "formdata": [
    { "key": "file", "value": "/path/to/file.png", "enabled": true, "description": "Upload" },
    { "key": "name", "value": "photo.png", "enabled": true, "description": "" }
  ]
}

GraphQL

{
  "mode": "graphql",
  "graphql": {
    "query": "query GetUser($id: ID!) { user(id: $id) { name email } }",
    "variables": "{ \"id\": \"123\" }"
  }
}

Authentication

{ "type": "none" }
{ "type": "inherit" }
{ "type": "bearer", "bearer": { "token": "{{accessToken}}" } }
{ "type": "basic", "basic": { "username": "admin", "password": "{{password}}" } }
{ "type": "api-key", "apikey": { "key": "X-API-Key", "value": "{{apiKey}}", "in": "header" } }

All auth types: none, inherit, bearer, basic, api-key, oauth2, oauth1, digest, aws, ntlm, hawk

OAuth 2.0

{
  "type": "oauth2",
  "oauth2": {
    "grantType": "authorization_code",
    "authUrl": "https://auth.example.com/authorize",
    "tokenUrl": "https://auth.example.com/token",
    "clientId": "my-app",
    "clientSecret": "{{clientSecret}}",
    "scope": "read write",
    "redirectUri": "https://localhost/callback",
    "token": ""
  }
}

Grant types: authorization_code, authorization_code_pkce, client_credentials, password, implicit

Variables

Collection-scoped variables available to all requests:

"variables": [
  {
    "key": "baseUrl",
    "value": "https://api.example.com",
    "type": "text",
    "enabled": true,
    "description": "API base URL"
  },
  {
    "key": "apiSecret",
    "value": "sk-...",
    "type": "secret",
    "enabled": true,
    "description": "API secret key"
  }
]

Types: text (default), secret (masked in UI)

Environments

Named variable sets for switching between configurations:

"environments": [
  {
    "name": "Local",
    "variables": [
      { "key": "baseUrl", "value": "http://localhost:3000", "type": "text", "enabled": true, "description": "" },
      { "key": "token", "value": "dev-token-123", "type": "secret", "enabled": true, "description": "" }
    ]
  },
  {
    "name": "Production",
    "variables": [
      { "key": "baseUrl", "value": "https://api.example.com", "type": "text", "enabled": true, "description": "" },
      { "key": "token", "value": "", "type": "secret", "enabled": true, "description": "Set before use" }
    ]
  }
]

Examples

Saved response examples for documentation:

"examples": [
  {
    "name": "Success",
    "statusCode": 200,
    "statusText": "OK",
    "headers": { "content-type": "application/json" },
    "body": "{ \"success\": true, \"data\": [] }"
  },
  {
    "name": "Unauthorized",
    "statusCode": 401,
    "statusText": "Unauthorized",
    "headers": { "content-type": "application/json" },
    "body": "{ \"error\": \"Invalid token\" }"
  }
]

Design Principles

No internal IDs — database IDs are never exported. New IDs are generated on import.
Variables as placeholders — {{baseUrl}} is exported literally, never resolved.
Single file — everything (requests, folders, variables, environments, auth, scripts, examples) in one JSON file.
Pretty-printed — 2-space indentation for readability and clean diffs.
Forward-compatible — the importer ignores unknown fields, so newer exports can be read by older versions.
Deterministic — fields are always in the same order for consistent diffs.

Exporting

Right-click a collection in the sidebar
Select Export
Choose Rostyman JSON format
Save the .rostyman file

Importing

Click Import in the sidebar header
Select your .rostyman file
Rostyman creates a new collection with all folders, requests, variables, environments, and scripts preserved

The importer also supports Postman (v2.1), Insomnia, OpenAPI, HAR, Thunder Client, Hoppscotch, Bruno, and cURL.

Overview​

Top-Level Structure​

Required Fields​

Optional Fields​

Items (Requests & Folders)​

Request​

Folder​

Body​

Form Data / URL-Encoded​

GraphQL​

Authentication​

OAuth 2.0​

Variables​

Environments​

Examples​

Design Principles​

Exporting​

Importing​