HTTP Proxy-Authorization Header

By: Dusty Arlia
Published on Sunday, April 13, 2014, 06:38 PM
Last Updated on Saturday, July 11, 2015 at 3:00 PM
Total Updates: 3

The Proxy-Authorization HTTP header allows the client to identify itself to a proxy that requires authentication. Its value consists of credentials containing the authentication information of the client for the proxy and/or realm of the resource being requested (Proxy-Authorization = credentials; The name of this HTTP header could be misleading as you would think it should be called Proxy-Authentication).

Unlike the Authorization HTTP header, the Proxy-Authorization header field applies only to the next inbound proxy that demanded authentication using the Proxy-Authenticate field. When multiple proxies are used in a chain, the Proxy-Authorization header field is consumed by the first inbound proxy that was expecting to receive credentials. A proxy MAY relay the credentials from the client HTTP request to the next proxy if that is the mechanism by which the proxies cooperatively authenticate a given HTTP request.

Here is an example:

Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==