api authentication and authorization code example
Example 1: api authentication
I use bearer tokens in my current framework.
I send a get request to special API endpoint by providing valid
credentials, then it will return Access Token. I use that token
in my request header and access other API endpoints
Example 2: authorization type in api
Authorization :
It's a process of granting or denying access to resources.
Mostly it happens after Authentatication.
Most of the projects I worked on use Bearer token
with JWT in Authorizaiton header.
I have endpoint that I can use to generate this token
and pass it to the each requests in my test.
Different ways to making authorized request:
1- Basic Auth
(providing username and password along with each request)
2- Api Keys
(It is provided token by the api vendor and
it could be as query parameter or header
3- Bearer Token
(We can get it by requesting to certain endpoint)
Most known jwt(json web token)
4- Auth2
(A much more secure way of authorizing your request
The flow is similar to Login with facabook,google
Eventually the token still get added to the
Authorization header)