authentication authorization code example

Example 1: difference between authentication and authorization

Web security systems are based on a two-step process.
The first step is authentication, which
verifies the user's identity.
The second step is authorization, which
allows the user to access the various resources
based on the user's identity.

Example 2: basic authorization

Authorization:
It's the process of granting or denying access to resources.
Mostly it happens after authentication.

Most of the projects I worked on use a Bearer token
with JWT in the Authorization header.
I have an endpoint that I can use to generate this token
and pass it to each request in my test.

Different ways of making an authorized request:
1- Basic Auth
       (providing username and password along with each request)
2- API Keys
       (A token provided by the API vendor;
        it can be sent as a query parameter or a header)
3- Bearer Token
       (We can get it by sending a request to a certain endpoint)
       The best known is JWT (JSON Web Token)
4- OAuth2
       (A much more secure way of authorizing your request.
       The flow is similar to "Login with Facebook/Google".
       Eventually the token still gets added to the
       Authorization header)
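
The schemes listed above, built as requests and then inspected from the point of view of anything that logs or relays them. This is an added example, not part of the original snippet; the endpoint URL, the `X-API-Key` header name, the `api_key` query parameter and the sample JWT are constructed assumptions, and no request is actually sent.

```python
import base64
import json
import urllib.parse
import urllib.request

URL = "https://api.example.test/v1/items"  # constructed placeholder endpoint

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def basic_request(user, password):
    # 1- Basic Auth: base64("user:password") on every request (encoded, not encrypted)
    cred = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(URL, headers={"Authorization": f"Basic {cred}"})

def api_key_request(key, in_query=False):
    # 2- API key: vendor-issued value, as a header or a query parameter (names assumed)
    if in_query:
        return urllib.request.Request(URL + "?" + urllib.parse.urlencode({"api_key": key}))
    return urllib.request.Request(URL, headers={"X-API-Key": key})

def bearer_request(token):
    # 3/4- Bearer token (JWT or OAuth2 access token) in the Authorization header
    return urllib.request.Request(URL, headers={"Authorization": f"Bearer {token}"})

def sample_jwt():
    # Constructed sample token; the third part is a placeholder, not a real signature
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({"sub": "tester", "role": "admin"}).encode())
    return f"{header}.{payload}.{b64url(b'constructed-signature')}"

def exposed_by(req):
    """What anyone who sees the raw request (access logs, proxies) can read from it."""
    scheme, _, value = (req.get_header("Authorization") or "").partition(" ")
    if scheme == "Basic":
        user, _, password = base64.b64decode(value).decode().partition(":")
        return {"scheme": "basic", "user": user, "password": password}
    if scheme == "Bearer":
        parts = value.split(".")
        if len(parts) == 3:  # JWT shape: header.payload.signature, claims are readable
            payload = parts[1] + "=" * (-len(parts[1]) % 4)
            return {"scheme": "bearer-jwt", "claims": json.loads(base64.urlsafe_b64decode(payload))}
        return {"scheme": "bearer-opaque"}
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(req.full_url).query)
    if "api_key" in query:  # query-string keys also end up in URLs that get logged
        return {"scheme": "api-key-query", "key": query["api_key"][0]}
    if req.get_header("X-api-key"):  # urllib stores header names capitalized this way
        return {"scheme": "api-key-header", "key": req.get_header("X-api-key")}
    return {"scheme": "none"}
```

In every scheme the credential travels in the request itself, so TLS and keeping Authorization headers and query strings out of logs matter as much as which scheme is chosen.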
