Basic Access Authentication is a simple HTTP authentication scheme which consists in a client providing a username and password when making a request to a server in order to access protected resources and services.

Sending authenticated requests

To send an authenticated request using the Basic Access Authentication scheme, the client must include the credentials in the Authorization header of the HTTP request in the form of a Base64-encoded string using the following format:

Authorization: Basic <username>:<password>

Where:

• <username> is a username or an email address.

• <password> is the password associated with the username on the server.

For example, the following command will send an HTTP GET request containing the Base64-encoded credentials johndoe@mail.com:helloworld in the Authorization header to the URL example.com:

$ curl -H "Authorization: Basic am9obmRvZUBtYWlsLmNvbTpoZWxsb3dvcmxk" example.com

Security considerations

Because the credentials are encoded and not encrypted, this method doesn't actually provide confidentiality protection against network sniffing tools and must be used over an encrypted protocol, such as HTTPS.