Scrapeman
Download
Docs: Auth Schemes

Overview

Six auth types are built in. Select from the Auth tab in the request builder.

None

No auth headers are sent. This is the default.

Basic

Provide username and password. Scrapeman encodes them as Authorization: Basic <base64(user:pass)> at send time.

Bearer

Provide a token string. Sent as Authorization: Bearer <token>. The token can be a {{var}} reference.

API Key

Provide key, value, and placement (header or query). If placement is header, the key-value pair is injected as a request header. If query, it is appended to the URL as a query parameter.

OAuth 2.0 Client Credentials

Configure:

  • Token URL — the authorization server endpoint
  • Client ID and Client Secret
  • Scope (optional)

Scrapeman fetches the token automatically before sending the request. Tokens are cached until they expire, then refreshed in the background. Concurrent requests share one in-flight token fetch — no hammering the token endpoint.

AWS Signature v4

Configure:

  • Access Key ID and Secret Access Key
  • Session Token (optional, for temporary credentials)
  • Region (e.g., us-east-1)
  • Service (e.g., s3, execute-api)

Scrapeman signs the request using the aws4 library. The signature covers method, URL, headers, and body.