Basic auth or “Basic Access Authenticaton” is one of the simplest methods for a HTTP user agent to provide a username and password when attempting to access a page. It differs from other login methods in that there are no forms, sessions or cookies to worry about. Data sent is encoded but not encrypted so you would usually want to use this over HTTPS.

This type of authentication differs from other types in that much of the time, the page is not accessible until the basic auth details have been accepted. This makes it possible to create a test which is purely testing the login feature which successfully leads to the landing page. So that if the login function fails or the username/password are no longer valid – the user will receive an alert. The best way to identify whether your login system uses basic auth is to simply take a look, if the login box appears in a popup and says “Authorization required” you are likely to need to use this method, if it is embedded in the page then its probably some kind of form.

The Basic Auth setting within a test should only be used for this type of Basic Access Authentication, it cannot be used for other login methods like html forms. for these you would want to send POST data using our other test settings, but basic auth would have no effect, and thus you may find yourself receiving confusing results.