Skip to main content

Digest Auth, NTLM & Hawk

These auth types involve server-side computation and are handled entirely in the Electron main process — not in the browser.

Digest Auth

HTTP Digest Authentication is a challenge-response mechanism. The server sends a challenge (nonce) and the client responds with an MD5/SHA hash.

Setup:

  1. Select Digest Auth
  2. Enter Username and Password

Rostyman handles the challenge-response handshake automatically:

  1. Sends the initial request
  2. Receives the 401 with WWW-Authenticate: Digest ... header
  3. Computes the response hash
  4. Resends with the Authorization: Digest ... header

Both fields support {{variables}}.

NTLM

NTLM (NT LAN Manager) is Windows domain authentication, commonly used with on-premise Microsoft services (SharePoint, IIS, etc.).

Setup:

  1. Select NTLM
  2. Enter Username, Password, and optionally Domain and Workstation

Rostyman handles the multi-step NTLM handshake automatically.

Hawk Authentication

Hawk is an HMAC-based HTTP authentication scheme that signs requests with a shared secret.

Setup:

  1. Select Hawk
  2. Enter:
    • Hawk Auth ID — your Hawk credentials ID
    • Hawk Auth Key — your Hawk secret key
    • Algorithmsha256 or sha1

Optionally configure:

  • User, Nonce, Extra Data, App ID, Delegation for advanced Hawk features

Rostyman computes the Authorization: Hawk ... header automatically for each request.