Sending Request with Bearer Token Authorization Header

To send a request with a Bearer Token authorization header, you need to make an HTTP GET or POST request and provide your Bearer Token with the Authorization: Bearer {token} HTTP header. Bearer Authentication (also called token authentication) is an HTTP authentication scheme created as part of OAuth 2.0 but is now used on its own. For security reasons, bearer tokens are only sent over HTTPS (SSL). In this Bearer Token Authorization Header example, we send a request with a bearer token to the ReqBin echo URL. Click Send to run the Bearer Token Authorization Header example online and see the results.
Sending Request with Bearer Token Authorization Header Send
GET /echo/get/json HTTP/1.1
Host: reqbin.com
Accept: application/json
Authorization: Bearer {token}

Updated: Viewed: 154125 times

What is HTTP GET request?

The HTTP GET method is one of nine standard Hypertext Transfer Protocol (HTTP) request methods to request data from a server. GET method requests should only receive data. They cannot accept data in the body of a GET message and should not affect data on the server.

What is Bearer Authentication?

HTTP provides a framework for controlling access to protected resources. HTTP authentication is performed by sending authentication credentials in the authorization header to access the protected resource. Bearer authentication (also called token authentication) is one of the HTTP authentication schemes that grant access to the bearer of this token. Bearer token authentication is done by sending a security token with every HTTP request we make to the server. You can do bearer authentication with any programming language.

Bearer Token Authentication Syntax
Authorization: Bearer {token}

The bearer token is a cryptic string with no meaning or uses but becomes important within a proper tokenization system. The server usually generates the bearer token in response to a login request and saves it in the browser or local storage. Suppose your request does not include an authorization header or contains an invalid bearer token. In that case, the server may respond with a 401 (Unauthorized) status code and provide information on authenticating using the WWW-Authenticate header. After receiving a 401 response, your client can send another HTTP request with a valid authorization header. The Bearer Authentication Scheme was initially created as part of OAuth 2.0 in RFC6750 but is sometimes also used by itself. For security reasons, the bearer token should only be sent over HTTPS (SSL) connections.

Bearer Token Authentication Example

An example HTTP GET request with a Bearer Token authentication header that we send to the echo ReqBin URL:

Bearer Token Authentication Example
GET /echo/get/json HTTP/1.1
Authorization: Bearer {token}
Host: reqbin.com

See also

Generate Code Snippets for GET Request Bearer Token Authorization Header Example

Convert your GET Request Bearer Token Authorization Header request to the PHP, JavaScript/AJAX, Node.js, Curl/Bash, Python, Java, C#/.NET code snippets using the ReqBin code generator.