Bearer Token Semantics
← Back to Access Tokens
A bearer token grants access to whoever possesses it, without requiring proof of identity. This means bearer tokens must be protected in transit (HTTPS only) and storage (secure cookies, encrypted storage). If stolen, a bearer token can be used by anyone until it expires.