Internet Assigned Numbers Authority
Hypertext Transfer Protocol (HTTP) Authentication Scheme Registry
Created
2014-02-17
Last Updated
2025-02-18
Available Formats
[IMG]
XML [IMG]
HTML [IMG]
Plain text
Registries included below
• HTTP Authentication Schemes
• HTTP Mutual Authentication Algorithms
HTTP Authentication Schemes
Registration Procedure(s)
IETF Review
Reference
[RFC9110, Section 16.4.1]
Available Formats
[IMG]
CSV
Authentication Scheme Name Reference Notes
Basic [RFC7617]
Bearer [RFC6750]
Concealed [RFC9729]
Digest [RFC7616]
DPoP [RFC9449, Section 7.1]
GNAP [RFC9635, Section 7.2]
The HOBA scheme can be used with either HTTP servers or proxies. When used in response to a
HOBA [RFC7486, Section 3] 407 Proxy Authentication Required indication, the appropriate proxy authentication header
fields are used instead, as with any other HTTP authentication scheme.
Mutual [RFC8120]
This authentication scheme violates both HTTP semantics (being connection-oriented) and
Negotiate [RFC4559, Section 3] syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field
syntax).
OAuth [RFC5849, Section 3.5.1]
PrivateToken [RFC9577, Section 2]
SCRAM-SHA-1 [RFC7804]
SCRAM-SHA-256 [RFC7804]
vapid [RFC 8292, Section 3]
HTTP Mutual Authentication Algorithms
Registration Procedure(s)
Expert Review
Expert(s)
Rifaat Shekh-Yusef, Yutaka Oiwa
Reference
[RFC8120]
Available Formats
[IMG]
CSV
Token Description Reference Change Controller
iso-kam3-dl-2048-sha256 ISO-11770-4 KAM3, 2048-bit DL [RFC8121] IESG
iso-kam3-dl-4096-sha512 ISO-11770-4 KAM3, 4096-bit DL [RFC8121] IESG
iso-kam3-ec-p256-sha256 ISO-11770-4 KAM3, 256-bit EC [RFC8121] IESG
iso-kam3-ec-p521-sha512 ISO-11770-4 KAM3, 521-bit EC [RFC8121] IESG
Licensing Terms