
The Assyst Wiki is lacking in details on how to authenticate against the API, and at times provides seemingly contradictory information when reading different articles. This, paired with no examples of how to authenticate depending on the installed authentication mechanisms, causes a lot of confusion.

 

Are there examples of how to authenticate against the assystREST API depending on the different Server Security Mappings selected for assystREST? How does one go about using bearer tokens when authenticating a Postman query, a 3rd party software, or an external script?

To illustrate what I’m looking for:
As an example using Kerberos, this would work when a PowerShell script is run, and the script contains a dedicated service user’s username and password.

PowerShell script example:

    $url = "https://<server>:<port>/assystREST/v2/raml"

    # Build a credential object from the service user's username and password
    $cred = New-Object System.Management.Automation.PSCredential("%username%", (ConvertTo-SecureString '%password%' -AsPlainText -Force))
    # Request the RAML document, authenticating with that credential
    $retur_xml = Invoke-RestMethod -Uri $url -ContentType "application/xml" -Method GET -Credential $cred

 

My goal is to figure out what other, more secure methods can be used on the same security domain (Kerberos) and help our engineers no longer have to store passwords directly in a script. It is also to prepare for a slow migration to a different security domain, and part of this is figuring out how to go about authenticating to assystREST when using the other kinds of security domains for assystREST (such as Azure AD, OAuth, etc.).
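
The request from the post without a literal password in the script, as an added example that is not part of the original post and not Assyst's own code. It assumes that assystREST on the Kerberos security domain accepts the Windows identity of the calling process (integrated authentication); `Invoke-AssystRest` and `-CredentialPath` are hypothetical names.

```powershell
# Added example. Assumption: the server negotiates integrated (Kerberos)
# authentication for the Windows account the script runs as.
function Invoke-AssystRest {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [uri] $Uri,
        # Optional: path to a credential saved earlier with
        #   Get-Credential | Export-Clixml -Path <file>
        # On Windows, Export-Clixml protects the password with DPAPI, so only
        # the same user on the same machine can read it back.
        [string] $CredentialPath
    )

    # Refuse anything but HTTPS so credentials are never offered in the clear.
    if (-not $Uri.IsAbsoluteUri -or $Uri.Scheme -ne 'https') {
        throw "Refusing to authenticate to '$Uri': an absolute https URL is required."
    }

    $params = @{ Uri = $Uri; Method = 'Get'; ContentType = 'application/xml' }

    if ($CredentialPath) {
        # Fallback: DPAPI-protected credential file instead of a literal password.
        $params.Credential = Import-Clixml -Path $CredentialPath
    } else {
        # Preferred: no secret in the script at all. Run the script as the
        # dedicated service user, for example from a scheduled task.
        $params.UseDefaultCredentials = $true
    }

    Invoke-RestMethod @params
}

# Usage with the placeholders from the post:
# $retur_xml = Invoke-AssystRest -Uri 'https://<server>:<port>/assystREST/v2/raml'
```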
