If you're integrating a third-party API, the required authorization will be specified by the API provider. If you're building an API, you can choose from a variety of auth models. This can involve authenticating the sender of a request and verifying that they have permission to access or manipulate the relevant data. APIs use authorization to ensure that client requests access data securely.