Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
What Is the Purpose of “Bearer”?
3 points by pbreit on Sept 16, 2022 | hide | past | favorite | 4 comments
Could someone please explain to me what the purpose is of prefixing Authorization header values with "Bearer"?


The name “Bearer authentication” can be understood as “give access to the bearer of this token.” [1]

There are many types of authentication scheme [2]

Commonly used to distinguish between Basic (with userid/password) and Bearer (authorisation using a token).

[1] https://www.devopsschool.com/blog/what-is-bearer-token-and-h...

[2] https://www.iana.org/assignments/http-authschemes/http-auths...


its for identifying how the value is parsed. there other values are Basic and Digest which are sending the password to the server. basic is base64 encoded username:password, Digest is similar but the data is hashed with md5 and contains a nonce that can be used to prevent replay attacks.


https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Au...


This isn’t really that kind of forum, mate.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: