HTTP-header based Oauth vs non-header based


#1

I understand that HTTP-header based authorization you need to create an Authorization header with your key value pairs, while in non header based authorization you simply create a query string with your key value pairs but I have 2 questions

1-When would you use one way over another?

and
2- Are there any rules in regards to POST vs GET for either method? i.e. if using header based authorization do you HAVE TO use a POST request?