Basic Authentication

Basic Authentication is a method for an HTTP user agent (e.g., a web browser) to provide a username and password when making a request.

When employing Basic Authentication, users include an encoded string in the Authorization header of each request they make. The string is used by the request's recipient to verify users' identity and rights to access a resource.

The Authorization header follows this format:


_10Authorization: Basic <credentials>

We then construct the credentials like this:

The user's username and password are combined with a colon.
The resulting string is base64 encoded.

So if your username and password are twilio and ahoy!, the combination is twilio:ahoy!, and when base64 encoded, this becomes dHdpbGlvOmFob3kh. So requests made by this user would be sent with the following header:


_10Authorization: Basic dHdpbGlvOmFob3kh

When your server or Twilio Function receives this request, it can access the Authorization header, decode the credentials, and look up the user to determine if they should be allowed access to the requested resource.

Rate this page:

12345

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.