Authentication deals with ensuring that users are who they say they are. There are several approaches to authenticate users. This section will describe a few of the mechanisms provided by HTTP.
This is the simplest form of authentication in the HTTP specification. It relies on a username and password combination being passed as an
Authorization header to any HTTP request that mandates authentication.
When a client issues a request to an endpoint that requires authentication, the server will respond with a HTTP 401 Not Authorized response. The response will include the following header:
WWW-Authenticate: Basic realm="myRealm"
This header instructs the client that the user must be authenticated using the Basic ...