Back to HTTP Headers
Request

HTTP Authorization Header

Contains credentials to authenticate the client with the server. Commonly used for Bearer tokens, Basic auth, and API keys.

Purpose

Provides authentication credentials so the server can verify the client's identity before processing the request.

Authorization: Bearer <token> Authorization: Basic <base64-credentials> Authorization: Apikey <key>

Code Examples

See how to use the Authorization header in different tools and languages.

curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8" https://api.example.com/protected
curl -u username:password https://api.example.com/protected

Related Headers

WWW-Authenticate

Indicates the authentication scheme that should be used to access the requested resource. Sent alongside 401 Unauthorized responses.

Cookie

Sends stored HTTP cookies from the client to the server. Contains name-value pairs that maintain session state across requests.

Set-Cookie

Sends cookies from the server to the client. The client stores them and sends them back with subsequent requests via the Cookie header.

Test Your APIs

API Response Time Checker

Test your APIs and inspect response headers in real-time

HTTP Headers Reference

Complete reference of all HTTP request and response headers

authorization headerhttp authorizationhttp headers guide