Scribd
Upload
48 views3 pages

Authorization Types in Postman

Uploaded by

kj.abhijith22
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
48 views3 pages

Authorization Types in Postman

Uploaded by

kj.abhijith22
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Authorization Types in Postman

Authorization is a process of verifying the identity of a user or system to access APIs securely.
Postman supports various authorization types to interact with APIs.

1. Basic Auth
• How it works: Uses a username and password encoded into the request header.

• Use Case: Simple APIs with basic authentication.

Example 1:

Request:
GET: [Link]
Auth Type: Basic Auth

• Username: postman

• Password: password

Example 2:

Request:
GET: [Link]
Auth Type: Basic Auth

• Username: admin

• Password: admin

2. Digest Auth
• How it works: Similar to Basic Auth, but more secure as it uses encryption.

• Use Case: APIs requiring added security over Basic Auth.

Example:

Request:
GET: [Link]
Auth Type: Digest Auth

• Username: postman

• Password: password

[Link] [Link]
3. API Key
• How it works: Uses a unique key provided by the API provider to authenticate.

• Use Case: Public APIs like weather or stock market services.

Example: OpenWeatherMap API

Request:
GET: [Link] key}

Auth Type: API Key

• Key: appid

• Value: fe9c5cddb7e01d747b4611c3fc9eaf2c

• Add to: Query Params

4. Bearer Token
• How it works: Uses a token as a secure identifier for a user or app.

• Use Case: APIs requiring user authorization or personal data access.

Example: GitHub API

Request:
GET: [Link]

Auth Type: Bearer Token

• Token: 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

Note: You need to generate this token from your GitHub account.

5. OAuth 2.0
• How it works: A complex and secure method to authorize users by using access tokens, often
involving a login flow.

• Use Case: Used in platforms like Google, Facebook, or Imgur for user authentication.

Example: Imgur API

Request:
GET: [Link]

Auth Type: OAuth 2.0

• Note: Tokens are generated through the OAuth process.

[Link] [Link]
Summary

Each authorization type serves a different purpose:

• Basic Auth: Username and password (simple and quick).

• Digest Auth: More secure than Basic Auth.

• API Key: A unique key to authenticate (public APIs).

• Bearer Token: A token-based secure method (user-specific access).

• OAuth 2.0: The most secure and widely used for user authentication.

[Link] [Link]

You might also like