# Bearer Token

Use this method when the external API expects a bearer token in the authorization header.

### What this method does

Nected sends your token with each request in this format:

```http
Authorization: Bearer <token>
```

### When to use

* Provider docs explicitly require `Authorization: Bearer ...`
* You receive a token from a provider and do not need interactive OAuth authorization

### Required fields in Nected

* **Header**: fixed to `Authorization` (not editable)
* **Token**: raw token value

![Bearer Token configuration form](https://lh4.googleusercontent.com/iqC0Z76jZ1GKESgKrFk5xwePkAIViaRhoT46c7hqMtKuPD61M8jqS-2-nMKD6-VwPE7apgLAlxjEyGfMJKMw4HLk5qsl30a3ArfYOw20CtR90TKI3eCP16pyIDUa74-montwGX52NkP5)

### Step-by-step setup

1. Start from either location:
   * **Path A**: Go to **Security > Authorization** and click **+ New Authentication**.
   * **Path B**: Open the **REST API connector configuration sidebar** and click **Create Authentication** from the Authentication dropdown.
2. Select **Bearer Token**.
3. Enter `Token` (header stays fixed as `Authorization`).
4. Save the auth configuration.
5. Attach/select this configuration in your external API integration call.
6. Execute a test call and verify HTTP success code.

### Validation checklist

* Request contains header `Authorization` with `Bearer <token>`.
* No extra spaces/newlines in token.
* Target endpoint receives the header.

### Security considerations

* Store token in secure secret storage; never hardcode in source.
* Rotate token if exposed or periodically per policy.
* Use HTTPS only.

### Common errors and fixes

* **401 Unauthorized**: token invalid/expired. Regenerate and update config.
* **Header missing at provider**: verify proxies/gateways do not strip `Authorization`.
* **Need a custom header key**: Bearer Token does not support changing header name. Use API Key auth if provider requires a non-Authorization header.
* **Wrong prefix**: ensure format is `Bearer <token>`.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nected.ai/nected-docs/security/external-api-authentication/bearer-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.