> For clean Markdown content of this page, append .md to this URL. For the complete documentation index, see https://learning.postman.com/llms.txt. For full content including API reference and SDK examples, see https://learning.postman.com/llms-full.txt.

# Authenticate with Hawk access authentication in Postman

Hawk authentication enables you to authorize requests using partial cryptographic verification.

To use Hawk authentication, do the following:

1. In the **Authorization** tab for a request, select **Hawk Authentication** from the **Auth Type** dropdown list.

2. Enter your details in the **Hawk Auth ID**, **Hawk Auth Key**, and **Algorithm** fields. You can optionally set advanced details, but Postman will try to generate values for them if necessary.

When the required details are complete in the **Authorization** tab for your request, Postman will add them to the **Headers** tab.

The Hawk Authentication parameters are as follows:

* **Hawk Auth ID** - Your API authentication ID value.
* **Hawk Auth Key** - Your API authentication key value.
* **Algorithm** - The hash algorithm used to create the message authentication code (MAC).
* Advanced parameters:
  * **User** - The username.
  * **Nonce** - A random string generated by the client.
  * **ext** - Any application-specific information to be sent with the request.
  * **app** - The binding between credentials and the application to prevent an attacker using credentials issued to someone else.
  * **dlg** - The ID of the application the credentials were issued to.
  * **Timestamp** - Timestamp the server uses to prevent replay attacks outside the time window.
  * **Include payload hash** - When enabled, includes a hash of the request payload in the signature.