Stack Overflow
Stack Overflow

Questions tagged [bearer-token]

Tokens are issued to clients by an authorization server with the approval of the resource owner. The client uses the access token to access the protected resources hosted by the resource server.

1416 questions
254
votes
6 answers

What is the OAuth 2.0 Bearer Token exactly?

According to RFC6750-The OAuth 2.0 Authorization Framework: Bearer Token Usage, the bearer token is: A security token with the property that any party in possession of the token (a "bearer") can use the token in any way that any other party in…
Alex Beaupré
  • 2,670
  • 2
  • 14
  • 8
155
votes
2 answers

Web API Authentication Basic vs Bearer

I have created JWT based Authentication in my Web API application. I am not able to figure out the difference between Basic Token Bearer Token Can someone please help me?
SharmaPattar
  • 2,472
  • 3
  • 21
  • 23
64
votes
3 answers

Return more info to the client using OAuth Bearer Tokens Generation and Owin in WebApi

I have created a WebApi and a Cordova application. I am using HTTP requests to communicate between the Cordova application and the WebAPI. In the WebAPI, I've implemented OAuth Bearer Token Generation. public void ConfigureOAuth(IAppBuilder app) …
Ivan Stoyanov
  • 5,412
  • 12
  • 55
  • 71
59
votes
2 answers

How to properly use Bearer tokens?

I'm making an authorization system in PHP, and I came across this Bearer scheme of passing JWT tokens, I read [RFC 6750][1]. I've got the following doubts: How is this improving the security? The server responses the client with a JWT token in its…
Ashish Ranjan
  • 12,760
  • 5
  • 27
  • 51
53
votes
11 answers

ASP.NET Core 2.0 JWT Validation fails with `Authorization failed for user: (null)` error

I'm using ASP.NET Core 2.0 application (Web API) as a JWT issuer to generate a token consumable by a mobile app. Unfortunately, this token couldn't be validated by one controller while can be validated by another (using the same validation setting…
Mando
  • 11,414
  • 17
  • 86
  • 167
44
votes
9 answers

Authorization bearer token Angular 5

I am confused about how to create a good header for a simple Get request in Angular 5. This is what I need to do in Angular: This is what I have so far: getUserList(): Observable { const headers = new Headers(); let…
ValRob
  • 2,584
  • 7
  • 32
  • 40
40
votes
3 answers

Authorization Bearer token in HttpClient?

I am trying to access an API using an oauth2 authorization token in Java Here is the client code DefaultHttpClient httpclient = new DefaultHttpClient(); HttpPost post = new…
user_mda
  • 18,148
  • 27
  • 82
  • 145
39
votes
10 answers

Authorization in ASP.NET Core. Always 401 Unauthorized for [Authorize] attribute

For the first time I'm creating Authorization in ASP.NET Core. I used tutorial from here TUTORIAL The problem is when I sending request from postman: Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6I... to my method in controller decorated with…
DiPix
  • 5,755
  • 15
  • 61
  • 108
34
votes
2 answers

ASP.NET Core 2.0 Bearer Auth without Identity

I thought I had a pretty simple goal in mind when I set out a day ago to implement a self-contained bearer auth webapi on .NET core 2.0, but I have yet to get anything remotely working. Here's a list of what I'm trying to do: Implement a bearer…
pseabury
  • 1,615
  • 3
  • 16
  • 30
33
votes
6 answers

oauth2 error AADSTS90014: The request body must contain the following parameter: 'grant_type'

From the development in Windev I use Oauth 2.0 for authorization to get access to the outlook mail from a user. The application is registered at https://apps.dev.microsoft.com without the Implicit workflow. After the user enters the credentials, an…
Adjan
  • 331
  • 1
  • 3
  • 4
29
votes
8 answers

How to get bearer token from header of a request in java spring boot?

Hi what trying to achieve is to get bearer token that submited from front end in java spring boot RESTApi controller and do another request using feign client to another microservices? here is what i do image above is how i do my request from…
Ke Vin
  • 3,478
  • 11
  • 60
  • 91
29
votes
2 answers

How to use Swagger in ASP.Net WebAPI 2.0 with token based authentication

I have a ASP.Net WebApi with token based authentication and I want to use swagger to create documentation for this RestApi. The Api has for now only 2 methods, one for requesting a token i.e. http://localhost:4040/token and the other one is for…
alaa_sayegh
  • 2,141
  • 4
  • 21
  • 37
28
votes
2 answers

Overriding OnTokenValidated JwtBearerEvents with Custom function .NET Core 2

In my API project I am handling authentication with JwtBearer (users login using Azure). When the API is called the token is being validated with the defined Azure instance and this all works fine. When a token is being validated successfully, the…
Nicolas
  • 2,277
  • 5
  • 36
  • 82
27
votes
3 answers

Best Practices Python - Where to store API KEYS/TOKENS

I am building a system that uses API tokens and keys to access services, but where is the best place to store them? I want to push the code to GitHub without pushing the tokens. Currently, I've placed them in a blank file named Constants.py and, in…
Rodrigo Calderano Barbacovi
  • 430
  • 1
  • 4
  • 11
25
votes
5 answers

Combine the use of authentication both for MVC pages and for Web API pages?

I have an MVC 5 web application and can login with a Login.cshtml page and get a cookie and the login works fine. But, I would like to do a login with the Web API and then (maybe) set a cookie so that I am logged in for my MVC pages... (or login…
Brian Rice
  • 3,107
  • 1
  • 35
  • 53
1
2 3
94 95