As is evident from the word basic, basic authentication involves a mechanism where the system asks for simple credentials (username and password) to authenticate or validate the user via incoming requests from the client to the web or application servers via RESTful web services (in our case, ASP.NET Core web APIs).
Consider the following diagram, which showcases basic authentication:
The preceding diagram is of the basic HTTP authentication that I'm going to implement in our code. Here, the request comes from the client to access resources that are protected (resources that are kept from public access). The request contains a username and password in its header at the service end, and the service checks whether it is a validate request or not by validating the username and password from its repository, usually a database store. The service returns the data in its response to the client if the user is validated; otherwise, it returns invalid credentials with HTTP status code 401.
You can find a complete list of HTTP status codes, along with their definitions, at https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html.