@wilmoore
Last active June 5, 2024 16:37
Software Engineering :: Web :: Development :: Authentication :: Bearer Authentication

⪼ Made with 💜 by Polyglot.

related

About

The Bearer authentication scheme (AKA token authentication) is an HTTP authentication scheme originally created as part of OAuth 2.0 in RFC 6750, but it is sometimes also used on its own. Like Basic authentication, Bearer authentication should only be used over HTTPS (SSL/TLS), because possession of the token alone grants access.

The name “Bearer authentication” can be understood as “give access to the bearer of this token.” The bearer token is an opaque string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources:

Authorization: Bearer <token>

When to use

Although it was designed for use with access tokens issued by OAuth 2.0 authorization flows (RFC 6749) to access OAuth-protected resources, this HTTP authorization method can be used with bearer tokens from any source to access any resources protected by those tokens.

  • API Key

Security

  • store as environment variables (encrypted)
  • store in a key management service (encrypted)
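The following is an added example, not part of the gist: it shows the server side of the `Authorization: Bearer <token>` exchange described under "About" together with the "Security" advice to keep the token in an environment variable. It parses the header using the token syntax from RFC 6750 section 2.1, compares the presented token in constant time, and answers failures with the `WWW-Authenticate: Bearer` challenge from RFC 6750 section 3. The environment variable name `API_BEARER_TOKEN`, the realm `api`, and the sample headers are assumptions made for this example.

```python
"""Added example (not from the gist): minimal server-side handling of
Authorization: Bearer <token>, per RFC 6750 sections 2.1 and 3."""
import hmac
import os
import re

# RFC 6750 section 2.1 token syntax:
#   b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
# The scheme keyword "Bearer" is matched case-insensitively (HTTP auth
# scheme names are case-insensitive); the token itself is case-sensitive.
_BEARER_RE = re.compile(r"^Bearer[ ]+([A-Za-z0-9\-._~+/]+=*)$", re.IGNORECASE)


def extract_bearer_token(headers):
    """Return the bearer token from a headers dict, or None when the
    Authorization header is absent, uses another scheme, or is malformed."""
    value = None
    for name, val in headers.items():        # header names are case-insensitive
        if name.lower() == "authorization":
            value = val
            break
    if value is None:
        return None
    match = _BEARER_RE.match(value.strip())
    return match.group(1) if match else None


def expected_token_from_env(var_name="API_BEARER_TOKEN"):
    """Load the token the server expects from an environment variable
    (the variable name is an assumption for this example), as the gist's
    "Security" section suggests; refuse to start without it rather than
    falling back to a default."""
    token = os.environ.get(var_name)
    if not token:
        raise RuntimeError(f"{var_name} is not set; refusing to run without a token")
    return token


def authorize(headers, expected):
    """Return (status_code, response_headers) for a request.

    Missing/malformed header -> 401 with a bare Bearer challenge.
    Wrong token             -> 401 with error="invalid_token" (RFC 6750 3.1).
    Matching token          -> 200.
    """
    presented = extract_bearer_token(headers)
    if presented is None:
        return 401, {"WWW-Authenticate": 'Bearer realm="api"'}
    # Constant-time comparison so response timing does not leak how many
    # leading bytes of a guessed token were correct.
    if not hmac.compare_digest(presented.encode(), expected.encode()):
        return 401, {"WWW-Authenticate": 'Bearer realm="api", error="invalid_token"'}
    return 200, {}


if __name__ == "__main__":
    # Constructed sample requests; the token value is made up for this demo.
    os.environ.setdefault("API_BEARER_TOKEN", "demo-token-do-not-use")
    secret = expected_token_from_env()
    samples = [
        {"Authorization": f"Bearer {secret}"},          # valid
        {"authorization": "bearer not-the-right-one"},   # wrong token
        {"Authorization": "Basic dXNlcjpwYXNz"},         # different scheme
        {},                                              # no header at all
    ]
    for req in samples:
        print(req, "->", authorize(req, secret))
```

The server must still sit behind HTTPS (TLS); nothing in this code protects the token in transit, which is exactly why the gist restricts the scheme to HTTPS.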
