Why is 'Bearer' required before the token in 'Authorization' header in a HTTP request

The  Authorization: <type> <credentials> pattern was introduced by the W3C in HTTP 1.0, and has been reused in many places since. Many web servers support multiple methods of authorization. In those cases sending just the token isn't sufficient.

Sites that use the `Authorization : Bearer cn389ncoiwuencr`

format are most likely implementing OAuth 2.0 bearer tokens.The OAuth 2.0 Authorization Framework sets a number of other requirements to keep authorization secure, for instance requiring the use of HTTPS/TLS.

[source](https://security.stackexchange.com/questions/108662/why-is-bearer-required-before-the-token-in-authorization-header-in-a-http-re)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Why is 'Bearer' required before the token in 'Authorization' header in a HTTP request #1

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Why is 'Bearer' required before the token in 'Authorization' header in a HTTP request #1

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions