Loading tool…
How to Generate Basic Auth Headers
The Basic Auth Generator builds the Authorization: Basic header value and curl examples from a username and password.
- Enter a username and password.
- View the generated Base64-encoded Authorization header and ready-to-use curl command.
- Copy the header value for use in API clients like Postman, Insomnia, or fetch().
How Basic Authentication Works
HTTP Basic Authentication encodes credentials as Base64(username:password) and sends them in the Authorization header: 'Authorization: Basic dXNlcjpwYXNz'. The server decodes the header to extract the username and password. Basic Auth is simple but transmits credentials in every request, so it should only be used over HTTPS.
Why Use Our Basic Auth Generator?
- Instant header — paste username and password, get the header value.
- curl command — ready-to-copy curl example with the -H flag.
- UTF-8 aware — handles international characters in usernames and passwords.
- Private — credentials never leave your browser.
Frequently Asked Questions
Is Basic Auth secure?
Basic Auth sends credentials as Base64, which is trivially decoded. It is secure only when used over HTTPS. For production APIs, prefer OAuth2 or API key authentication.
Can I use this with Postman?
Yes. Copy the full Authorization header value and paste it into Postman's header tab, or use Postman's built-in Basic Auth helper.
Does Base64 mean the password is encrypted?
No. Base64 is encoding, not encryption. Anyone who intercepts the header can decode it. Always use HTTPS.
Is my password stored?
No. The encoding happens in your browser. No data is sent to any server.