HTTP Digest Auth

What is HTTP Digest Auth?

HTTP Digest Auth (or Digest access authentication) is an username/password authentication protocol that aims to be slightly safer than Basic Auth.Paw supports HTTP Digest Auth via the Digest Auth dynamic value extension, which generates the Authorization header from the credentials you provide.Warning! Please note that Digest auth is known to be unsafe if used on non-HTTPS hosts, mostly due to the fact that it relies on MD5 hashes.

Use HTTP Digest Auth

1

Install the extension

On the page Digest Auth dynamic value extension, hit the Install Extension button.
Install the Digest auth extension
2

Add the dynamic value

  1. Back to Paw, go to the Headers tab.
  2. Add a header Authorization.
  3. Right-click on the value field to get the list of the available dynamic values.
  4. Under Extensions, pick Digest Auth.
3

Enter your credentials

Your password will be encrypted and stored in the document file.Alternatively, you can access a password from the Keychain: toggle the password field into a “Regular Field” by clicking the lock icon, then click on the Secure dynamic value to get more options.
4

Done

You’re ready to send the request!Note: before the actual request is sent, a handshake (challenge) request will be sent to the server to retrieve a nonce value.