An Airnode can authorize smart contracts (know as requesters) access to its endpoints using Authorizations. This method is off-chain and requires no blockchain knowledge by an API provider. It is different than Authorizers which is an on-chain auth scheme.
Alternative: Relayed Meta Data
As an alternative to authorizers and authorizations, an API provider can use Relayed Meta Data to authenticate a request. This approach is off-chain and requires no blockchain knowledge by the API provider. Note that it is possible to use authorizers, authorizations, and relayed meta data together.
Authorizations use scheme types that hard-code access to an Airnode's endpoints in the same file that defines the Airnode, its config.json file. These hard-coded values are endpointId/address pairs that the Airnode will use to allow access to its endpoints by requesters (smart contracts).
Nothing in authorizers can supersede permissions granted by authorizations as the latter takes precedence. Currently there is only one authorizations scheme type, requesterEndpointAuthorizations.