Basic Auth Header Generator

Generate or decode an HTTP Basic Authentication Authorization header from a username and password.

Input data is processed in your browser
Data is never sent to a server

Tool

Base64-encodes "username:password" to build an HTTP Authorization header. Everything is processed locally in your browser.

What is the Basic Auth Header Generator?

This tool instantly builds the Authorization: Basic <Base64 string> header required for HTTP Basic Authentication from a username and password. It also includes a decode mode to recover the username and password from an existing header.

Common Use Cases

  • Testing API connectivity with curl or an API client
  • Testing legacy systems or IoT devices that rely on Basic auth
  • Inspecting and debugging an existing Authorization header

A Note on Security

Because Base64 is an encoding, not encryption, Basic auth credentials are not protected in transit on their own. Always use it over HTTPS in production, and consider a more secure scheme such as OAuth 2.0 or API keys where possible.

How to Use

  1. On the "Generate" tab, enter a username and password to automatically build a Base64-encoded Authorization header.
  2. Use the copy button to copy the full header string to your clipboard.
  3. On the "Decode" tab, paste an existing Basic auth header or Base64 string to recover the username and password.

FAQ

What is HTTP Basic Authentication?

HTTP Basic Authentication is a simple authentication scheme defined in RFC 7617. It Base64-encodes a "username:password" string and sends it in the HTTP Authorization header as "Basic <encoded string>".

Is Base64 encoding the same as encryption?

No. Base64 is just a character encoding scheme, not encryption — anyone can decode it back to the original string. Basic auth must always be used over HTTPS (TLS) to protect the credentials in transit.

Where can I use the generated header?

You can use it with curl's `-H "Authorization: Basic ..."` option, tools like Postman, or the HTTP client of any programming language.

Are my username and password saved anywhere?

No. This tool processes your input entirely in the browser — nothing is sent to a server or saved to localStorage.