1. What is Authentication?
- Answer: Authentication is the process of verifying the identity of a user or application accessing a system. In simpler terms, it answers the question, “Who are you?” Authentication ensures that the person or entity trying to gain access is authorized to do so. Common examples include usernames and passwords, API keys, and tokens.
2. What is Authorization?
- Answer: Authorization happens after successful authentication. It determines what actions or resources the authenticated user is allowed to access. It answers the question, “What are you allowed to do?” After authentication, authorization ensures that users only perform tasks or access data that they are permitted to.
3. What are the basic types of authentication in Postman?
- Answer: The common types of authentication methods in Postman include:
- No Auth: No authentication is needed for the request.
- API Key: A unique key sent either in headers or query parameters.
- Bearer Token: Uses an access token like JWT to authenticate requests.
- Basic Auth: A username and password are sent as Base64-encoded values.
- No Auth: No authentication is needed for the request.
