Proxy-Authorization

The HTTP Proxy-Authorization request header contains the credentials to authenticate a user agent to a proxy server, usually after the server has responded with a 407 Proxy Authentication Required status and the Proxy-Authenticate header.

Header type Request header
Forbidden header name no

Syntax

Proxy-Authorization: <type> <credentials>

Directives

<type>

Authentication type. A common type is "Basic". See also the IANA registry of Authentication schemes.

<credentials>

The credentials are constructed like this:

  • The username and the password are combined with a colon (aladdin:opensesame).
  • The resulting string is base64 encoded (YWxhZGRpbjpvcGVuc2VzYW1l).

Note: Base64 encoding does not mean encryption or hashing! This method is as secure as sending the credentials in clear text (base64 is a reversible encoding). It is preferable to use HTTPS in conjunction with Basic Authentication.

Examples

Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l

Specifications

Specification
RFC 7235
# header.proxy-authorization

See also