Proxy-Authorization

The HTTP Proxy-Authorization request header contains the credentials to authenticate a client with a proxy server, typically after the server has responded with a 407 Proxy Authentication Required status with the Proxy-Authenticate header.

Header type Request header
Forbidden header name Yes

Syntax

http
Proxy-Authorization: <auth-scheme> <credentials>

Directives

<auth-scheme>

Token indicating the authentication scheme, such as Basic, Bearer, etc. The IANA registry of Authentication schemes maintains a full list of available types.

<credentials>

Credentials use for the authentication scheme.

Examples

Basic authentication

In Basic auth, credentials are sent in the format <username>:<password> (for example, aladdin:opensesame). The resulting string is then base64 encoded (YWxhZGRpbjpvcGVuc2VzYW1l).

http
Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l

Warning: Base64 encoding is reversible, and therefore offers no cryptographic security. This method can be considered equivalent to sending the credentials in clear text. HTTPS is always recommended when using authentication, but is even more so when using Basic authentication.

Bearer authentication (auth token)

http
Proxy-Authorization: Bearer kNTktNTA1My00YzLT1234

Specifications

Specification
HTTP Semantics
# field.proxy-authorization

See also