How is the Webhook Header Authorization signed?

When a webhook executes an Authorization value is sent in the header to the URL.

For example I pulled the header of a web hook and see this in the header:

Authorization Value: Basic YWRtaW46MTIz

I know this must be based on the admin and password entered in the HTTP BASIC AUTH fields of the webhook, but how is this signature created so that I know how to verify the request??

I think I figured it out:


<?php echo base64_encode("username:password"); ?>