Randall Degges – Why I Love Basic Auth

Let’s talk about Basic Auth:

  • It’s a well and clearly defined specification.
  • It’s been around since ~1996.
  • It’s super simple.

Here’s the short version of how it works.

  • You are a developer.
  • You have an API key pair: an API Key ID and an API Key Secret. Each of these is a randomly generated string (usually a uuid).
  • To authenticate against an API service, all you need to do is put your credentials into the HTTP Authorization header.

Source: Randall Degges – Why I Love Basic Auth