1. Home
  2. develop
  3. Full Stack Developer

Why should a Bearer be added to the Authorization header for API authorization?

2244 views 0 comments

When designing API authorization, or calling third-party APIs, you often come into contact with:

Authorization : Bearer Tokenxxxxxx

Do you have any doubts about why not just write it like this:

Authorization : Tokenxxxxxx

This is because of W3C's HTTP 1.0 specification, the format of Authorization is:

Authorization: <type> <authorization-parameters>

So Bearer is the type of authorization. Common types of authorization include:

  • Basic for http-basic authentication;
  • Bearer is commonly used in OAuth and JWT authorization;
  • http-basic authentication with Digest MD5 hash (DEPRECATED)
  • AWS4-HMAC-SHA256 AWS authorization
    -...
Likes(0)
7 free APIs for mocking data
7 free APIs for mocking data
ExpressJS 5 minutes to build API interface
ExpressJS 5 minutes to build API interface
Simulate your API in a Symfony project
Simulate your API in a Symfony project

Comment list count 0 Comments

No Comments