Authentication
Basic Auth HTTP authentication

Basic Auth HTTP authentication

Authenticate using username and password.

HTTP authentication relies on the authentication framework built into HTTP. This makes it simple to implement and use. However, HTTP authentication schemes are not as secure as other alternatives.

The most common authentication schema used is "Basic", which is described on this page.

Pros

  • The "Basic" schema is simple to understand and implement
  • Leverages the HTTP protocol specification

Cons

  • Credentials are sent over plain text. The API must enforce a scure connection using TLS, that is only accept https:// URLs instead of http://.
  • Does not contain authorization scopes or other context about the calling user or application beyond their username.

OpenAPI reference

{
  "openapi": "3.1.0",
  "info": {
    "title": "HTTP Authentication Example API",
    "version": "1.0.0"
  },
  "security": [
    {
      "Basic": []
    }
  ],
  "components": {
    "securitySchemes": {
      "Basic": {
        "type": "http",
        "scheme": "basic"
      }
    }
  }
}

Further reading

Was this page helpful?

Made by Criteria.

GitHub