***

title: validateBasicAuth
slug: /reference/typescript/agents/agent-base/validate-basic-auth
description: Override to add custom basic-auth validation logic.
max-toc-depth: 3
---------------------

For a complete index of all SignalWire documentation pages, fetch https://signalwire.com/docs/llms.txt

Lifecycle hook for custom basic-auth validation. The default implementation
returns `true`. Subclasses can override this to add secondary validation logic
(e.g., database lookups, external identity providers).

<Warning>
  This hook is defined but **not yet called** by the built-in Hono `basicAuth`
  middleware. The middleware currently validates credentials directly against the
  stored username/password pair. Overriding this method will have no effect on
  request authentication in the current SDK version. It is reserved for future
  integration.
</Warning>

## **Parameters**

<ParamField path="username" type="string" required={true} toc={true}>
  Username extracted from the incoming request's `Authorization` header.
</ParamField>

<ParamField path="password" type="string" required={true} toc={true}>
  Password extracted from the incoming request's `Authorization` header.
</ParamField>

## **Returns**

`boolean | Promise<boolean>` -- `true` if the credentials are valid, `false` to
reject the request.

## **Example**

```typescript {9}
import { AgentBase } from '@signalwire/sdk';

class SecureAgent extends AgentBase {
  constructor() {
    super({ name: 'assistant', route: '/assistant' });
    this.setPromptText('You are a helpful assistant.');
  }

  override async validateBasicAuth(
    username: string,
    password: string,
  ): Promise<boolean> {
    // Custom validation against an external user store
    const response = await fetch('https://auth.example.com/verify', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ username, password }),
    });
    return response.ok;
  }
}

const agent = new SecureAgent();
await agent.serve();
```