I strongly encourage the use of git or other source repositories, shared postman accounts to test individual API calls works well too. Best practice is to maintain both the domain name and session IDs as separate parameters in your environmental variables. Thus you can switch from mydomain.preview.workfront.com to mydomain.my.workfront.com with a single variable update instead of lots of hardcoding. In a similar manner the session keys can be updated periodically for security without breaking code. We also recommend that the API acts as a dedicated API user vs sharing a login with a named user of your system. This way API updates can be audited separately and reports don't break if the admin changes down the line. Melinda Layten Technical Project Manager - API and Integration Workfront