Basic access authentication

In the context of an HTTP transaction, basic access authentication is a method for an HTTP user agent (e.g. a web browser) to provide a user name and password when making a request. In basic HTTP authentication, a request contains a header field in the form of Authorization: Basic <credentials>, where <credentials> is the Base64 encoding of ID and password joined by a single colon :.

It was originally implemented by Ari Luotonen at CERN in 1993^[1] and defined in the HTTP 1.0 specification in 1996.^[2] It is specified in RFC 7617 from 2015, which obsoletes RFC 2617 from 1999.

^ Luotonen, Ari (10 September 2022). "Announcing Access Authorization Documentation". [email protected] (Mailing list). Retrieved 7 February 2022.
^ "Hypertext Transfer Protocol -- HTTP/1.0". www.w3.org. W3C. 19 February 1996. Retrieved 7 February 2022.

[1] Luotonen, Ari (10 September 2022). "Announcing Access Authorization Documentation". [email protected] (Mailing list). Retrieved 7 February 2022.

[2] "Hypertext Transfer Protocol -- HTTP/1.0". www.w3.org. W3C. 19 February 1996. Retrieved 7 February 2022.

[1]

[2]