base64clientidclientsecret

Base64 client id client secret refers to the common practice of encoding a client's identifier and secret together using Base64 so they can be transmitted as a single credential in HTTP requests. In OAuth 2.0 and related API protocols, many token endpoints accept client credentials either in the Authorization header using the Basic scheme or, less commonly, in the form body. The typical format to encode is the string client_id:client_secret, encoded as Base64.

To use it, the client prepares the credentials by concatenating the client_id, a colon, and the client_secret,

Important cautions: Base64 is an encoding, not encryption. Anyone who can read the transport can decode it.

Standards notes: The approach is described in OAuth 2.0 (RFC 6749), including confidentiality considerations and alternatives