ZeroTool Workbench

Basic Auth Header Generator

Generate and decode HTTP Basic Authentication headers in your browser. Copy Authorization headers, Base64 tokens, cURL examples, and Fetch snippets with no upload.

100% Client-Side Your data never leaves your browser Free · No Sign-Up

Generate Basic Auth Header

Create an Authorization header from a username and password.

Decode Basic Auth Header

Paste a full Authorization header, a Basic token, or a raw token.

Basic auth is Base64 encoding, not encryption. Use HTTPS when sending it.

Related Tools

JWT Decoder Decode and inspect JWT header, payload, and signature. Highlights expiry status and timestamp claims. JWT Generator / Signer Generate and sign JWT tokens (HS256, HS384, HS512) entirely in your browser. Paste or edit header and payload JSON, set your secret, and copy the signed token. HMAC Generator Generate HMAC signatures using SHA-256, SHA-384, or SHA-512. Hex and Base64 output. Runs entirely in your browser. cURL to Code Converter Convert cURL commands to Python, JavaScript, Go, PHP, and Node.js code instantly. Hash Generator Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes from any text. Password Generator Generate cryptographically secure passwords. Customize length and character sets with entropy meter.

Use this Basic Auth Header Generator to create the exact Authorization: Basic <token> value required by many HTTP APIs, reverse proxies, legacy dashboards, and test endpoints.

The token is the Base64 form of username:password. The tool joins the username and password with a colon, encodes that pair as UTF-8, then converts the bytes to Base64. ASCII credentials are safest for broad Basic Auth compatibility; if you use non-ASCII credentials, verify that the target server expects UTF-8. It can also decode an existing Basic auth header so you can verify copied credentials before using them in a request.

Basic auth is convenient for API checks, reverse proxy rules, testing dashboards, and quick cURL or Fetch snippets. It is not secret by itself: Base64 is encoding, not encryption, and it is reversible. Treat HTTPS as the transport protection boundary whenever an Authorization header crosses the network.

All generation and decoding run in your browser. Credentials are not uploaded and are not persisted by this page.

FAQ

Is Basic auth encrypted?

No. Basic auth uses Base64 encoding, not encryption. Send Basic auth only over HTTPS.

Can I decode an existing Basic auth header?

Yes. Paste a full Authorization header, a Basic token, or a token-only value to inspect the username and password pair.

Are credentials uploaded?

No. Generation and decoding run in your browser, and this tool does not persist entered credentials.