Hypertext Transfer Protocol (HTTP) Authentication Scheme Registry

Created
2014-02-17
Last Updated
2015-03-11
Available Formats

XML

HTML

Plain text

Registry included below

HTTP Authentication Schemes

Registration Procedure(s)
IETF Review
Reference
[RFC7235]
Available Formats

CSV
Authentication Scheme Name Reference Notes
Basic [RFC-ietf-httpauth-basicauth-update-07]
Bearer [RFC6750]
Digest [RFC2617, Section 3]
HOBA [RFC7486, Section 3] The HOBA scheme can be used with either HTTP servers or proxies. When used in response to a 407 Proxy Authentication Required indication, the appropriate proxy authentication header fields are used instead, as with any other HTTP authentication scheme.
Negotiate [RFC4559, Section 3] This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field syntax).
OAuth [RFC5849, Section 3.5.1]