Digest Authentication

MD5-based digest authentication

Overview

This page documents the Digest Authentication feature of Request Man.

Digest Authentication GET https://api.example.com/protected/data Digest Auth Username admin Password 🔒 Hashed ************ Realm (Optional - Auto-detected from server) Protected Area Algorithm MD5 QOP auth ℹī¸ Digest Auth is more secure than Basic Auth - password never sent in clear text
Documentation in Progress: Full documentation for this feature coming soon!

Key Features

The Digest Authentication feature provides powerful capabilities for API testing and development.

🔒 Secure Hashing ✓ MD5/SHA-256 hashing ✓ Password never transmitted ✓ Challenge-response protocol Server Challenge: nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093" Client Response: response="6629fae49393a05397450978507c4ef1" ✅ RFC 7616 Compliant ✓ Full RFC 7616 support ✓ MD5-sess algorithm ✓ auth-int QOP support Supported Algorithms: 🔘 MD5 (default) 🔘 SHA-256, SHA-512 🔘 MD5-sess, SHA-256-sess ⚙ī¸ Auto-Negotiation ✓ Automatic challenge detection ✓ Realm auto-extraction ✓ Nonce handling Flow: 1. Server sends 401 + challenge 2. Client computes hash 3. Request sent with response

Getting Started

Access the Feature

Navigate to Digest Authentication in the Request Man interface.

Configure Settings

Set up your Digest Authentication preferences.

Start Using

Begin using Digest Authentication in your API workflows!

Step 1: Select Digest Auth Digest Auth Step 2: Enter username & password Username: admin Password: ******** Step 3: Challenge-Response Protocol ➊ Server sends challenge (nonce, realm, algorithm) ➋ Client computes MD5 hash using credentials ➌ Response hash sent to server (password never transmitted!) ✓ ✓ Authenticated Successfully! Digest authentication completed - password was never sent over the network

Examples

Here are practical examples of using Digest Authentication:

Example: Digest Authentication Flow Request GET https://api.example.com/admin/users Digest Authentication Username: admin Password: ************ Realm: Protected Area Algorithm: MD5 QOP: auth SERVER CHALLENGE (WWW-Authenticate header): Digest realm="Protected Area", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", algorithm=MD5, qop="auth" CLIENT RESPONSE (Authorization header): Digest username="admin", realm="Protected Area", nonce="...", uri="/admin/users", response="6629fae..." Response 200 OK { "users": [...], "message": "Authenticated via Digest Auth" }

Tips & Best Practices

Tip 1

Learn the keyboard shortcuts for faster workflow.

Tip 2

Use variables for flexibility across environments.

Tip 3

Save and organize your work in collections.

Tip 4

Check the console for detailed logging information.