[31.03 07:56] Sophie Türling (Gast)

And here's what James told me about these Params Auth, Header Auth...

• Body Auth: The data is sent in the body of a POST request to the API like: {"username":"james","password":"abc123"}
• Header Auth: The data needs to be sent in specific headers of the login request. For instance, there could be a required header like "x-username" which gets the username info, or it could use the standard "Authorization" header, which also has a variety of ways it can be designated
• Params Auth: The login data is appended to the URL to perform a login, like:https://api.example.com/login?username=james&password=abc123

And if I understand correct, the fields are just for some more flexibility, as some apps have username and other apps email or something like that and we can define the fields then

[30.03 13:36] James Weber

The other options refer to how the API requires the Authorisation data to be sent to them. For instance:

• Body Auth: The data is sent in the body of a POST request to the API like: {"username":"james","password":"abc123"}
• Header Auth: The data needs to be sent in specific headers of the login request. For instance, there could be a required header like "x-username" which gets the username info, or it could use the standard "Authorization" header, which also has a variety of ways it can be designated
• Params Auth: The login data is appended to the URL to perform a login, like:https://api.example.com/login?username=james&password=abc123

[30.03 13:39] James Weber

The Session Auth setup also allows for more complicated setups, like declaring the fields client_id and username above, and then sending the username field to the API as "{{fields.client_id}}+{{fields.username}}" which would then send the username as both of those values concatenated with a plus sign between them