Document Name: RFC 6750
Document URI: urn:ietf:rfc:6750
Online Version:
Organization: Internet Engineering Task Force (IETF)
Series: Request for Comments (RFC)
Abstract: This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport.

Specified Web Concepts:

HTTP Authentication Schemes


OAuth Access Token Types


OAuth Extensions Errors

insufficient_scope , invalid_request , invalid_token

Return to ( Series | Organization | all Specifications )