Product
HTTP Interceptor

A Power HTTP Interceptor to Intercept, Record, Debug & Modify HTTP Requests

API Client

A lightweight and secure API Client for faster API Development & Testing

API Mocking

Build frontend faster without waiting for backend.

Solutions
Frontend Web/Mobile Developers

Requestly improves front-end workflows with local JS testing, mocking, and SessionBook debugging.

For QA engineers

QA engineers love Requestly for its features and ease of use, allowing easy edge case testing.

Support Engineer

Support engineers value Requestly for debugging, demoing, and overriding GTM and Adobe scripts.

Backend Developers

Requestly helps in improving back-end development workflows, by enabling testing.

Pricing
Resources
Pricing
Blog
Case Studies
Status
Github
Release Note
Student Programme
🎉 Requestly joins BrowserStack to build the future of application testing. Read more

HTTP Headers

Proxy Authenticate

HTTP Header

The HTTP Proxy-Authenticate response header specifies the authentication method or challenge that must be used to access a resource behind a proxy server.
It is included in a 407 Proxy Authentication Required response, allowing the client to identify and respond to the proxy’s authentication requirements.

Syntax

A comma-separated list of one or more authentication challenges:

Proxy-Authenticate: <challenge>

Where a <challenge> consists of an <auth-scheme>, optionally followed by a <token68> or a list of <auth-params> separated by commas:

challenge = <auth-scheme> <auth-param>, …, <auth-paramN> 
challenge = <auth-scheme> <token68>

For example:

http
Proxy-Authenticate: &lt;auth-scheme&gt; 
Proxy-Authenticate: &lt;auth-scheme&gt; token68
Proxy-Authenticate: &lt;auth-scheme&gt; auth-param1=param-token1
Proxy-Authenticate: &lt;auth-scheme&gt; auth-param1=param-token1, …, auth-paramN=param-tokenN

The inclusion of a token68 or authentication parameters depends on the specific <auth-scheme> in use.
For example, Basic authentication requires a <realm> and optionally accepts a charset, but does not support a token68:

http
Proxy-Authenticate: Basic realm="Dev", charset="UTF-8"

Directives

<auth-scheme>

A case-insensitive token indicating the Authentication scheme used.
Some of the more common types are Basic, Digest, Negotiate and AWS4-HMAC-SHA256.
IANA maintains a list of authentication schemes, but there are other schemes offered by host services.

<auth-param> Optional

An authentication parameter whose format depends on the <auth-scheme>.
<realm> is described below as it’s a common authentication parameter among many auth schemes.

<realm> Optional

The string realm followed by = and a quoted string describing a protected area, for example realm="staging environment".
A realm allows a server to partition the areas it protects (if supported by a scheme that allows such partitioning).
Some clients show this value to the user to inform them about which particular credentials are required — though most browsers stopped doing so to counter phishing.
The only reliably supported character set for this value is us-ascii.
If no realm is specified, clients often display a formatted hostname instead.

<token68> Optional

A token that may be useful for some schemes.
The token allows the 66 unreserved URI characters plus a few others.
It can hold a base64, base64url, base32, or base16 (hex) encoding, with or without padding, but excluding whitespace.
The token68 alternative to auth-param lists is supported for consistency with legacy authentication schemes.

Generally, you will need to check the relevant specifications for the authentication parameters needed for each <auth-scheme>.

Example

Proxy-Authenticate Basic auth

The following response indicates that a Basic authentication scheme is required with a designated realm:

http
Proxy-Authenticate: Basic realm="Staging server"

How to Modify Header using Requestly

Requestly is a powerful Chrome extension that allows you to modify HTTP headers, including the Proxy-Authenticate header. This can be crucial for debugging proxy authentication issues or testing how your application handles various proxy authentication challenges. Steps to Modify the Proxy-Authenticate Header:

  1. Install and open the Requestly Chrome extension. You can find it on the Chrome Web Store.
  2. Create a new rule: Click on “Create Rule” and choose “Modify Headers” from the list of available rule types.
  3. Add a new header modification:
    • Under “Action”, select “Add” or “Override”.
    • In the “Header Name” field, enter Proxy-Authenticate.
    • In the “Header Value” field, enter the desired authentication scheme and parameters (e.g., Basic realm=”Example”).
  4. Set the URL condition: Specify the URL or pattern where this header change should apply (e.g., https://your-proxy-server.com/*).
  5. Save the rule.

Once configured, Requestly will modify the Proxy-Authenticate header in all matching requests, helping you test and troubleshoot proxy authentication behaviors effectively.

You might need to modify the Proxy-Authenticate header to simulate different authentication challenges from a proxy server. This helps developers ensure that their applications handle proxy authentication correctly and improves the debugging process when proxy issues arise.