OAuth 2 0 Authorization Header

Question

I want to develop a SDK that encapsules the OAuth 2 0 functions  I have checked the differences  between OAuth 1 0  amp  2 0  and I have some confusion on Authorization Header  1 0 and  2 0   OAuth 1 0 protocol parameters can be transmitted using the HTTP  Authorization  header  but I can t find this described in current OAuth 2 0 draft   Does OAuth 2 0 supports authorization headers   In OAuth 1 0 your header would look like   Authorization  OAuth realm  Example       oauth consumer key  0685bd9184jfhq22       oauth token  ad180jjd733klru7       oauth signature method  HMAC-SHA1       oauth signature  wOJIO9A2W5mFwDgiDvZbTSMK 2FPY 3D       oauth timestamp  137131200       oauth nonce  4572616e48616d6d65724c61686176       oauth version  1 0

User · Answer

You can still use the Authorization header with OAuth 2.0. There is a Bearer type specified in the Authorization header for use with OAuth bearer tokens (meaning the client app simply has to present ("bear") the token). The value of the header is the access token the client received from the Authorization Server.

It's documented in this spec: https://tools.ietf.org/html/rfc6750#section-2.1

E.g.:

   GET /resource HTTP/1.1
   Host: server.example.com
   Authorization: Bearer mF_9.B5f-4.1JqM

Where mF_9.B5f-4.1JqM is your OAuth access token.

User · Answer

For those looking for an example of how to pass the OAuth2 authorization  access token  in the header  as opposed to using a request or body parameter   here is how it s done   Authorization  Bearer 0b79bab50daca910b000d4f1a2b675d604257e42

[http] OAuth 2.0 Authorization Header

Examples related to http

Examples related to oauth-2.0