1. Overview
Authorization is the ability to verify that you have access to the required data from the server. When you send a request, you typically must include parameters to ensure that the request has permission to access and return the data that you want. Postman provides an authorization type that makes it easy to handle authentication protocols in a postman local application.
It should be noted that NTLM and Bearertoken are only available in postman local applications. All other authorization types can be used in postman local applications and chrome applications.
Authentication Authentication
1. Inherit Auth from parent (Inherit authentication from parental Class)
Adds authorization to a collection or folder.
Assume that you have added a folder to the collection. Under the Authorization tab, the default authorization type is set to inherit auth from the parent class.
The inherit auth from parent setting indicates that each request in the folder uses the authorization type of the parent class by default.
2, No Auth
By default, No Auth appears in the drop-down menu list. Use "No Auth" when you do not need authorization parameters to send requests.
3. Basic Auth
Is the basis of validation, so it will be relatively simple
Will directly put the user name, password information in the Header of the request
4, Digest Auth
is more complex than basic auth. Generates the authorization header with the currently filled value. So make sure the settings are correct before you generate the header. If the current header already exists, Postman will remove the previous header.
5. OAuth 1.0
Postman's OAuth helper lets you sign up to support OAuth
1.0 authentication-based requests. OAuth doesn't get access tokens, you need to go to the API provider to get them. OAuth 1.0 can set value in the header or query parameters.
6. OAuth 2.0
Postman supports obtaining OAuth 2.0 tokens and adding them to requests.
7. Bearer Token
Bearer token is a security token. Any user with bearer token can use it to access the data resource without using an encryption key.
Postman Authentication Authentication