Bearer Tokens & Headers
Require and read an access token per request.
What a Bearer Token Is
A bearer token is a secret string that means "whoever holds this is allowed in." The server trusts the holder, no password needed per call. 🎟️
The Authorization Header
Clients send the token in the HTTP Authorization header so it rides along with every request automatically.
All lessons in this course
- Why Remote Servers Need Auth
- Bearer Tokens & Headers
- The OAuth Flow in MCP
- Scope What a Token Can Do