I'm trying to write a Python script that downloads files from Sharepoint. Https Basic Auth is disabled, and i have to use OAuth2. Now, every How-To and Tutorial I've seen tells me i have to "register my app" on Sharepoint first, and then use my client id, secret etc. for logging in. Now i'm wondering, when i log into Sharepoint via browser, it only asks me for username and password. How does that work? Why doesn't it need client secret etc. in this case? And i know there are some ways to authenticate via browser in a program. Postman for example lets you choose "Authenticate via Browser". But it also asks for client id, secret etc. But as i wrote before, clearly, my browser can log in without all that stuff. So why does Postman need it? Why can't this browser window, opened by Postman, log in just like i can log in in a normal browser window?
My way of thinking so far was, that when i can access a resource via browser only using username/pw , i should also be able to access it similarly via any other REST client. Is this just wrong?
