Skip to contentSkip to navigationSkip to topbar
Twilio Docs

Basic Authentication

Basic Authentication is a method for an HTTP user agent (e.g., a web browser) to provide a username and password when making a request.

When employing Basic Authentication, users include an encoded string in the Authorization header(link takes you to an external page) of each request they make. The string is used by the request's recipient to verify users' identity and rights to access a resource.

The Authorization header follows this format:

Authorization: Basic <credentials>

We then construct the credentials like this:

  1. The user's username and password are combined with a colon.
  2. The resulting string is base64(link takes you to an external page) encoded.

So if your username and password are twilio and ahoy!, the combination is twilio:ahoy!, and when base64 encoded, this becomes dHdpbGlvOmFob3kh. So requests made by this user would be sent with the following header:

Authorization: Basic dHdpbGlvOmFob3kh

When your server or Twilio Function receives this request, it can access the Authorization header, decode the credentials, and look up the user to determine if they should be allowed access to the requested resource.