Basic Auth Generator

Build `Basic base64(user:pass)` headers or parse existing ones for curl and API debugging.

Read the full guide: HTTP Basic and htpasswd: Use Cases, Generation, and Security →

Privacy: processed locally, never uploaded.

↓ Paste in the input area below to see results instantly

Username
Password

Output

Authorization header

Basic dXNlcjpwYXNzd29yZA==

Notes

Security note

Basic Auth is Base64 encoding, not encryption. Always use HTTPS; prefer OAuth or Bearer tokens in production.

Build `Basic base64(user:pass)` headers or parse existing ones for curl and API debugging.

Quick start

  1. Encode

    Enter username and password to get the full Authorization value.

  2. Decode

    Paste header with or without the Basic prefix.

Security reminder

Basic Auth is not encrypted; always use HTTPS and prefer short-lived tokens in production.

Typical Workflow

When debugging APIs, you often need to send authentication credentials to the server. Simply enter your username and password here to generate a standard `Basic dXNlcjpwYXNz` Authorization header. Copy it into your HTTP request headers for instant authentication setup.

The reverse operation is equally useful. When you encounter a Basic Auth header in logs or documentation, paste it here to reveal the plaintext credentials. This is invaluable for troubleshooting authentication issues without manual base64 decoding.

Examples

Example

Input

user:password

Output

Basic dXNlcjpwYXNzd29yZA==

FAQ

Special characters?

UTF-8 then Base64; some servers restrict colons in credentials.

Why is Basic Auth considered insecure?

Basic Auth transmits credentials in base64-encoded (not encrypted) form. Without HTTPS, they can be intercepted. Even with HTTPS, browsers may cache headers indefinitely. For critical systems, consider OAuth or JWT instead.