Basic Auth Header Generator

Generate standard HTTP Authorization: Basic headers for API testing with Postman, cURL, or code.

How It Works

1. Combine: username:password
2. Base64 encode the combined string
3. Prepend Basic to get the header value
4. Send as: Authorization: Basic dXNlcjpwYXNz

Note: Basic Auth credentials are only Base64-encoded, not encrypted. Always use HTTPS.

About This Tool

HTTP Basic Authentication sends credentials as a Base64-encoded string in the Authorization request header, defined in RFC 7617. This generator takes a username and password, combines them as username:password, Base64-encodes the result, and outputs the ready-to-use header value. Use it when testing APIs in Postman or Insomnia, writing cURL commands, configuring NGINX basic auth, or generating auth headers for fetch/axios code.

How to Use

  1. Enter your Username and Password in the fields provided.
  2. The complete Authorization: Basic xxxxxxxx header is generated instantly.
  3. Copy the full header line to paste directly into Postman, cURL, or your HTTP client.
  4. Or copy just the token (the Base64 part) if your tool adds the header name separately.

Frequently Asked Questions

Is Basic Auth secure?

Only over HTTPS. Basic Auth credentials are Base64-encoded not encrypted so they are trivially readable if intercepted in transit. Always use HTTPS. Never use Basic Auth over plain HTTP on a production system.

How do I use this in a cURL command?

Add the header with the -H flag: curl -H "Authorization: Basic dXNlcjpwYXNz" https://api.example.com/endpoint. Alternatively, cURL has a shorthand: curl -u username:password https://api.example.com/endpoint.

Can my username contain a colon?

No. RFC 7617 prohibits colons in usernames because the format uses the first colon as the separator between username and password. Passwords, however, may contain colons.