Authorization Types in Postman
Authorization settings in Postman supply the credentials an API uses to verify the identity of a user or system before granting access.
Postman supports various authorization types to interact with APIs.
1. Basic Auth
• How it works: Sends the username and password Base64-encoded (encoded, not encrypted) in the Authorization request header.
• Use Case: Simple APIs with basic authentication.
Example 1:
Request:
GET: https://postman-echo.com/basic-auth
Auth Type: Basic Auth
• Username: postman
• Password: password
Example 2:
Request:
GET: http://the-internet.herokuapp.com/basic_auth
Auth Type: Basic Auth
• Username: admin
• Password: admin
2. Digest Auth
• How it works: Similar to Basic Auth, but more secure: the client sends a hash computed from the credentials and a server-supplied nonce instead of the password itself.
• Use Case: APIs requiring added security over Basic Auth.
Example:
Request:
GET: https://postman-echo.com/basic-auth
Auth Type: Digest Auth
• Username: postman
• Password: password
https://www.pavanonlinetrainings.com https://www.youtube.com/@sdetpavan
3. API Key
• How it works: Uses a unique key provided by the API provider to authenticate.
• Use Case: Public APIs like weather or stock market services.
Example: OpenWeatherMap API
Request:
GET: https://api.openweathermap.org/data/2.5/weather?q=Delhi&appid={API key}
Auth Type: API Key
• Key: appid
• Value: fe9c5cddb7e01d747b4611c3fc9eaf2c
• Add to: Query Params
4. Bearer Token
• How it works: Uses a token as a secure identifier for a user or app.
• Use Case: APIs requiring user authorization or personal data access.
Example: GitHub API
Request:
GET: https://api.github.com/user/repos
Auth Type: Bearer Token
• Token: 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
Note: You need to generate this token from your GitHub account.
5. OAuth 2.0
• How it works: A complex and secure method to authorize users by using access tokens, often involving a login flow.
• Use Case: Used in platforms like Google, Facebook, or Imgur for user authentication.
Example: Imgur API
Request:
GET: https://api.imgur.com/3/account/me/images
Auth Type: OAuth 2.0
• Note: Tokens are generated through the OAuth process.
Summary
Each authorization type serves a different purpose:
• Basic Auth: Username and password (simple and quick).
• Digest Auth: More secure than Basic Auth.
• API Key: A unique key to authenticate (public APIs).
• Bearer Token: A token-based secure method (user-specific access).
• OAuth 2.0: The most secure and widely used for user authentication.