REST API Authentication

If you are looking to protect/restrict access to your Drupal REST APIs using your Identity provider, then you should go for the External Identity Provider Authentication method. 

Drupal API Authentication using an External Identity Provider involves the use of tokens received from third-party providers like Google, Azure AD, Keycloak, Okta, Gitlab, etc. for accessing Drupal rest APIs securely.

OAuth (Open Authorization) is an open standard for token-based authentication and authorization protocol that can be used to provide single sign-on (SSO). OAuth allows particular information about an end user's account to be used by third-party services, such as Facebook, etc without exposing the user's password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.

Note: Drupal Core comes with a Basic Authentication module.

Basic Authentication is a very simple and straight-forward Authentication method. The client sends HTTP requests with an Authorization header that contains a base64-encoded  username and password of your Drupal site.