Which HTTP header is described as carrying the authentication credentials in requests?

• A. Authorization
• B. Authentication
• C. Content-Type
• D. User-Agent

Answer: (B)

The header that carries authentication credentials in HTTP requests is the Authorization header. It sends credentials by including an authentication scheme and the credentials themselves, such as “Authorization: Basic dXNlcjpwYXNz” or “Authorization: Bearer <token>.” The server reads this header to verify identity and permissions, and if authentication fails it typically responds with a 401 Unauthorized along with a WWW-Authenticate challenge to prompt for credentials. Other headers serve different purposes: Content-Type indicates the media type of the request body, and User-Agent identifies the client software. There isn’t a standard HTTP header named Authentication that carries credentials.

The header that carries authentication credentials in HTTP requests is the Authorization header. It sends credentials by including an authentication scheme and the credentials themselves, such as “Authorization: Basic dXNlcjpwYXNz” or “Authorization: Bearer .” The server reads this header to verify identity and permissions, and if authentication fails it typically responds with a 401 Unauthorized along with a WWW-Authenticate challenge to prompt for credentials. Other headers serve different purposes: Content-Type indicates the media type of the request body, and User-Agent identifies the client software. There isn’t a standard HTTP header named Authentication that carries credentials.