# Authorization You don't get to choose the authorization method, it is defined by the endpoint. When you look at the endpoint documentation, you can normally find a section called authorization or authentication. You can look for a page called authentication or authorization. Custom cards support the default 'Authorization' header or custom headers. ![](/assets/auth-methods.c0d03e27bdfeb7123af11ab76aca7f6d37c248d6db6e9675e9fee2c2281472a3.fcd6b147.png)Showing the choice between OAuth or Authorization header. ## Authorization header If you select the **Authorization header**, you must choose either **Basic, Baerer,** or **Custom** in the **Authorization header** dropdown**.** - With the **Basic** authorization, you will be asked to provide the user and password required for the 3rd party API (the information will be encoded in base64 and [passed to the 3rd party](https://en.wikipedia.org/wiki/Basic_access_authentication)). ![Basic Authorization in Dixa](/assets/basic.de63b1dbb5758c5debb05ce34a49b3ba3969daa7bd35e68372d725a17d640bc8.fcd6b147.png) - If you select the **Bearer** authorization type, then you will be required to specify the token from the third-party API (the information [will be passed with the Bearer prefix](https://swagger.io/docs/specification/authentication/bearer-authentication/)) ![Bearer Authorization in Dixa](/assets/bearer.d08941ba19526237070e08764fe19acc703a981e24879dbb1efc21f9196ca377.fcd6b147.png) - If you select the **Custom** Authorization type, you can specify the prefix to be used inside the Authorization header. ![Custom Authorization in Dixa](/assets/custom.00130e0df9be2d7047d627b639f2b56cfe562eec003d66a20a006d71433a08ad.fcd6b147.png) ## Custom header If the API you are connecting to requires additional or alternative headers (like **x-api-key** for an Amazon-hosted system), then you can use the Custom Header option to add additional key-value headers. ![Custom Headers in Dixa](/assets/custom-header.5b3c728927419db186dbed413b40f2f9a5fd558807c265a0b3c5995c271686dd.fcd6b147.png) Depending on your system's authorisation needs, custom headers can be used in addition or as a replacement for Authorization headers.