이 문서는 아직 자원 봉사자들이 한국어로 번역하지 않았습니다. 참여해서 번역을 마치도록 도와 주세요!
English (US)의 문서도 읽어보세요.

The HTTP WWW-Authenticate response header defines the authentication method that should be used to gain access to a resource.

The WWW-Authenticate header is sent along with a 401 Unauthorized response.

Header type Response header
Forbidden header name no

Syntax

WWW-Authenticate: <type> realm=<realm>

Directives

<type>
Authentication type. A common type is "Basic". IANA maintains a list of Authentication schemes.
realm=<realm>
A description of the protected area. If no realm is specified, clients often display a formatted hostname instead.
charset=<charset>
Tells the client the server's prefered encoding scheme when submiting a username and password. The only allowed value is the case insensitive string "UTF-8". This does not relate to the encoding of the realm string.

Examples

Typically, a server response contains a WWW-Authenticate header that looks like these:

WWW-Authenticate: Basic

WWW-Authenticate: Basic realm="Access to the staging site", charset="UTF-8"

See also HTTP authentication for examples on how to configure Apache or nginx servers to password protect your site your HTTP basic authentication.

Specifications

Specification Title
RFC 7235, section 4.1: WWW-Authenticate HTTP/1.1: Authentication
RFC 7617 The 'Basic' HTTP Authentication Scheme

Browser compatibility

FeatureChromeEdgeFirefoxInternet ExplorerOperaSafari
Basic support1 ?1 ? Yes ?
FeatureAndroid webviewChrome for AndroidEdge mobileFirefox for AndroidOpera AndroidiOS SafariSamsung Internet
Basic support ? Yes ? Yes Yes ? ?

See also

문서 태그 및 공헌자

이 페이지의 공헌자: fscholz, mfuji09, rmdso, callumgare, teoli
최종 변경자: fscholz,