Skip to main content

Provide Authorization Credentials

Learning Objectives

After completing this unit, you’ll be able to:

  • Configure authorization details.
  • Use an Authorization helper.

Securely Access APIs

APIs may require authorization to ensure that client requests access data securely. This can involve authenticating the sender of a request and verifying that they have permission to access relevant data. The authorization model is specified by the API provider.

Configure Auth Details

You can pass auth details along with any request you send from Postman. Auth data can be included in a request header, body, or as parameters to a request.

The NASA Astronomy Picture of the Day API requires an API key be included with each request as a query parameter. Let’s see this in action.

  1. Select Picture of the Day.
  2. Deselect the api_key query parameter.
  3. Save your update.
  4. Then click Send. You see an error response.
    Picture of the Day with an error message in the Body

Go ahead and deselect the api_key query parameter in Pictures from November 2023 as well.

Make sure you Save your update. 

Let’s learn a new way to handle authorization in Postman.

Use Authorization Helpers

Under the Authorization tab of the request builder, you can enter and configure your auth details for Postman to automatically populate the relevant parts of the request. You can use an authorization helper for a request, folder, or collection.

Since all of the requests in the Trailhead module collection require the same authorization type, let’s add an authorization helper to the collection. 

  1. Select Trailhead module.
  2. Click the Authorization tab.
  3. Select API Key from the Type dropdown.
  4. Fill in the key value pairs.
    • Key: api_key
    • Value: {{nasa_api_key}}
  1. Select Query Params from the Add to dropdown.
    Authorization tab open and the Type, Key, Value, and Add to settings entered as described above
  2. Save your changes.
  3. Click into any request you have saved. You see that Postman automatically adds the proper credentials under the Params tab.

Remember to use variables and collections to define authorization details more safely and efficiently, letting you reuse the same information in multiple places. If you group your requests in collections and folders, you can specify auth details to reuse throughout a group.

In the next unit, let’s learn some ways to debug and troubleshoot when things aren’t going as expected.

Resources

Keep learning for
free!
Sign up for an account to continue.
Sign Up Login
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities
Skip for now