And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

## Simple HTTP Basic Auth { #simple-http-basic-auth }

* Import `HTTPBasic` and `HTTPBasicCredentials`.

```
http://localhost:8000/v1/agents/multivac
```

Obwohl der Host der bösartigen Website und der lokalen App unterschiedlich ist, löst der Browser keinen CORS-Preflight-Request aus, weil:

* sie ohne Authentifizierung läuft, es müssen keine Credentials gesendet werden.
* der Browser annimmt, dass kein JSON gesendet wird (wegen des fehlenden `Content-Type`-Headers).

```
http://localhost:8000/v1/agents/multivac
```

Even though the host of the malicious website and the local app is different, the browser won't trigger a CORS preflight request because:

* It's running without any authentication, it doesn't have to send any credentials.
* The browser thinks it's not sending JSON (because of the missing `Content-Type` header).

Next, the browser would verify that the response is valid and encrypted with the right cryptographic key, etc. It would then **decrypt the response** and process it.

<img src="/img/deployment/https/https07.drawio.svg">

            Maps to `addEventListener(event, ...)` on the browser. When omitted,
            the browser dispatches on the generic `message` event.
            """
        ),
    ] = None
    id: Annotated[
        str | None,
        AfterValidator(_check_id_no_null),
        Doc(
            """
            Optional event ID.

            The browser sends this value back as the `Last-Event-ID` header on

          else -> writer.writeOctetString(value as ByteString)
        }
      }

      override fun fromDer(reader: DerReader): Any? {
        val adapter = chooser(reader.typeHint) as DerAdapter<Any?>?
        return when {
          adapter != null -> adapter.fromDer(reader)
          else -> reader.readUnknown()
        }
      }
    }
  }

  /**

Dadurch wird der Browser angewiesen, die integrierte Eingabeaufforderung für einen Benutzernamen und ein Passwort anzuzeigen.

Wenn Sie dann den Benutzernamen und das Passwort eingeben, sendet der Browser diese automatisch im Header.

## Einfaches HTTP Basic Auth { #simple-http-basic-auth }

The MinIO deployment starts using default root credentials `minioadmin:minioadmin`. You can test the deployment using the MinIO Console, an embedded web-based object browser built into MinIO Server. Point a web browser running on the host machine to <http://127.0.0.1:9000> and log in with the root credentials. You can use the Browser to create buckets, upload objects, and browse the contents of the MinIO server. You can also connect using any S3-compatible tool, such as the MinIO Client `mc` commandline...

  private OAuthSessionFactory sessionFactory;

  /** Guarded by this. */
  private OAuthSession session;

  public SlackClient(SlackApi slackApi) {
    this.slackApi = slackApi;
  }

  /** Shows a browser URL to authorize this app to act as this user. */
  public void requestOauthSession(String scopes, String team) throws Exception {
    if (sessionFactory == null) {
      sessionFactory = new OAuthSessionFactory(slackApi);

//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package browser

import "github.com/minio/minio/internal/config"

// Help template for browser feature.
var (
	defaultHelpPostfix = func(key string) string {
		return config.DefaultHelpPostfix(DefaultKVS, key)
	}

	Help = config.HelpKVS{
		config.HelpKV{