The X-Accept-Authentication header specifies the HTTP authentication schemes that the client supports. The authentication schemes that are supported by a server, if any, are implementation-specific and MAY be enabled arbitrarily by a server administrator.<47>

This header is defined for use only in requests sent to a server.

HTTP authentication information is specified in [RFC1945] section 11.

The syntax of the X-Accept-Authentication header is defined as follows.

 X-Accept-Authentication = "X-Accept-Authentication: "

   auth-scheme *("," auth-scheme) CRLF

 auth-scheme   ; as defined in section 11 of [RFC1945]

 

The following is an example.

 X-Accept-Authentication: Negotiate, NTLM, Digest, Basic