Http - Authorization Header (authentication entries)

About

authorization is a header that contains credentials to authenticate a user known also as Authentication entry.

Syntax

In the request, you would see the following [header|header]] 

Authorization: CredentialType <token>

Type and Authentication entry

Basic

The basic authentication value contains the password credentials

Example: 

Authorization: Basic dXNlcjpwYXNzd29yZA==

ie where:

Digest

Authentication - HTTP Digest Access Authentication

Bearer

A bearer is a token with a free form format. The format is known only from the application.

Example: 

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImFQY3R3X29kdlJPb0VO
ZzNWb09sSWgydGlFcyIsImtpZCI6ImFQY3R3X29kdlJPb0VOZzNWb09sSWgydGlFcyJ9.eyJhdWQiO
iJodHRwczovL21hbmFnZW1lbnQuY29yZS53aW5kb3dzLm5ld............

sso_key

Authorization: sso_key key:value
Authorization: sso_key e902odRf8RFKz_Pmn2CTwRZjdcdUg3abAoCe:QotBm9tBasNdRU22PjGnju

Glossary

Bearer-Only

When an authentication is bearer-only, it means that the authentication requires a authorization header.

1)

1)
Authorization HTTP




Discover More
Authentication - HTTP Digest Access Authentication

Digest access authentication is an http authentication method based on authorization entry. It is intended (as a security trade-off) to replace unencrypted HTTP basic access authentication. It is not,...
Jwt Auth Flow
Authentication - Jwt (Json web token)

json web token is a token. It's also known as jot. When a JWT is signed, it becomes a JWS and can be used for sender authentication and authorization. The main purpose of JWTs is to transfer (ie identity...
Authentication - Token

A token is a authentication material Token-based authentication is implemented by: generating a token when the user authenticates and then setting that token in the Authorization header of each...
Oauth
Oauth - Bearer Token

bearer token is a access token implementation defined in the OAuth 2.0 Authorization Framework The token may be: a Json Web Token (JWT) or another access token. Any party in possession of a...
Web Service - Representational State Transfer (REST|RESTful) Web services

Representational State Transfer (REST) Web services, or “RESTful” Web services describes any simple interface that transmits data over a standardized interface (such as HTTP) without an additional...
What are the HTTP Authentication schemes and methods?

This page lists the HTTP authentication schemes and the HTTP components that they used Via the Http Authorization Header: Basic Bearer Digest Others: DPoP HOBA 7486rfc 7486, Section 3...
Soap Ui Basic Authentication
What is and how works the Basic Authentication scheme? (HTTP)

Basic Access Authentication is an Authentication mechanism for HTTP request. To be authenticated, the request should have: the header authorization and its value should have this format: the basic...



Share this page:
Follow us:
Task Runner