Try this exercise. Fill in the missing part by typing it in.

To handle authentication and authorization in API testing, you can follow these __:

1. Obtain authentication ___: Obtain the necessary credentials (such as API keys, access tokens, or usernames/passwords) to authenticate your API requests. These credentials should be provided in the request headers or through other authentication mechanisms supported by the API.

2. Include authentication in your API requests: Include the authentication credentials in the headers or request parameters of your API requests. The API server will validate these credentials to authenticate the user making the request.

3. Verify authorization ___: Once authenticated, you should verify that the authenticated user has the required permissions to access the requested resource or perform the requested action. This can include checking the user's role, permissions, or any other authorization rules defined by the API.

4. Test different authentication scenarios: Test your API endpoints with different authentication scenarios, such as valid and invalid credentials, expired tokens, or revoked access. Ensure that the API handles these scenarios gracefully and returns appropriate error messages or status codes.

In summary, handling authentication and authorization in API testing involves obtaining authentication credentials, including authentication in API requests, verifying authorization permissions, and testing different authentication scenarios.