Digest Authorization is one of the authorization techniques provided by Postman. In this technique, the client first sends the request to the API and get responses from the server including a number which is usable only once, a realm value and 401 unauthorized response. We will be then sent back an encrypted data array having both username and password along with the data received from the server earlier. The server uses this data to generate an encrypted data string and compares this with what was sent for authenticating the request.
We can do this by selecting the Authorization tab, then selecting “Digest Auth” from the drop-down list. Postman window presents the fields for both stages of the authentication request. The fields required for the second stage of the request are auto-filled based on the data received from the server.
