Hypertext Transfer Protocol (HTTP) Authentication Scheme Registry
- Created
- 2014-02-17
- Last Updated
- 2025-02-18
- Available Formats
-
XML
HTML
Plain text
Registries Included Below
HTTP Authentication Schemes
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC9110, Section 16.4.1]
- Available Formats
-
CSV
| Authentication Scheme Name | Reference | Notes |
|---|---|---|
| Basic | [RFC7617] | |
| Bearer | [RFC6750] | |
| Concealed | [RFC9729] | |
| Digest | [RFC7616] | |
| DPoP | [RFC9449, Section 7.1] | |
| GNAP | [RFC9635, Section 7.2] | |
| HOBA | [RFC7486, Section 3] | The HOBA scheme can be used with either HTTP servers or proxies. When used in response to a 407 Proxy Authentication Required indication, the appropriate proxy authentication header fields are used instead, as with any other HTTP authentication scheme. |
| Mutual | [RFC8120] | |
| Negotiate | [RFC4559, Section 3] | This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field syntax). |
| OAuth | [RFC5849, Section 3.5.1] | |
| PrivateToken | [RFC9577, Section 2] | |
| SCRAM-SHA-1 | [RFC7804] | |
| SCRAM-SHA-256 | [RFC7804] | |
| vapid | [RFC 8292, Section 3] |
HTTP Mutual Authentication Algorithms
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Rifaat Shekh-Yusef, Yutaka Oiwa
- Reference
- [RFC8120]
- Available Formats
-
CSV
| Token | Description | Reference | Change Controller |
|---|---|---|---|
| iso-kam3-dl-2048-sha256 | ISO-11770-4 KAM3, 2048-bit DL | [RFC8121] | IESG |
| iso-kam3-dl-4096-sha512 | ISO-11770-4 KAM3, 4096-bit DL | [RFC8121] | IESG |
| iso-kam3-ec-p256-sha256 | ISO-11770-4 KAM3, 256-bit EC | [RFC8121] | IESG |
| iso-kam3-ec-p521-sha512 | ISO-11770-4 KAM3, 521-bit EC | [RFC8121] | IESG |