Kansariwala Hetashri Dhavalkumar's Blog
API Authentication and Authorization using Postman

API Authentication and Authorization using Postman

Kansariwala Hetashri Dhavalkumar's photo
Kansariwala Hetashri Dhavalkumar
·

2 min read

Table of contents

Let's try out the 4 tier with an example using Postman

  1. No Authentication

    Just take a public API that requires no authentication that is no username and password and make a GET request using Postman as shown below, it will retrieve the data.

    The Public API I am using is https://hashnode.com/edit/clnsecwxh000008magee5dobd

  2. Basic Authentication

    Here in this, we will first register our username and password. So go to the Body Section hit the radio button (x-www-form-urlencoded) enter the key value as username and password give them a value and send a POST Request. As soon as you send you will get a message as Successfully registered.

The POST request is sent to https://secrets-api.appbrewery.com/register

Now go to the Authorization section in Postman and go to Basic Auth enter the register username and password and send the get request. Now we will see that you have retrieved some data.

The Get request is sent to https://secrets-api.appbrewery.com/all?page=1

  1. API Key Authorization

Firstly, we will generate the API Key as shown below.

As soon as you hit send the API Key will generate.

I have used:- https://secrets-api.appbrewery.com/generate-api-key

Now we will pass this API Key as a Query parameter and retrieve data

Go to the Authorization section, select the API Kry and enter the Key as apiKey, Value as the key which was previously gotten and select Add to Query Parameter and hit send, you will get data.

The Request sent here is:- https://secrets-api.appbrewery.com/filter?score=5&apiKey=05e98378-d3f6-4b58-a094-54c7c1656a82

  1. Token Based Authentication

Firstly we will get the token and then retrieve the data using that token.

Go to the body section go to x-www-form-urlencoded and enter the username and password that was previously generated in basic authentication and send the POST request, you will receive the token.

The token is generated using https://secrets-api.appbrewery.com/get-auth-token

Now go to the Authorization section and select Bearer Token and paste the generated token in that box and send the GET Request, you will receive some data.

The GET Request is sent to https://secrets-api.appbrewery.com/secrets/3

The API site I have used is https://secrets-api.appbrewery.com/

Conclusion

You can retrieve data using any tier. As we move to tier the security will increase so that's why we are using a username, password, API key, and token.

@WeMakeDevs @hashnodeWeMakeDevsPostmanauthenticationtoken