bearer token
bearer token is a type of token that identifies whoever knows it (its βbearerβ). It is the most common authentication type in OAuth.
Bearer token usage is defined by RFC 6750: OAuth 2.0 Bearer Token Usage. The exact definition reads:
A security token with the property that any party in possession of the token (a βbearerβ) can use the token in any way that any other party in possession of it can. Using a bearer token does not require a bearer to prove possession of cryptographic key material (proof-of-possession).
Technological definition
It is important to note that RFC 6750 limits the character set for a bearer token:
b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"=" credentials = "Bearer" 1*SP b64token
IndieWeb
- An example of a bearer token on the IndieWeb is the access_token used with IndieAuth.