Bearer Authentication - 401-advanced-javascript-Mai/amman-javascript-401d1 GitHub Wiki

Bearer Authentication

Bearer Token:

A secondary authentication method, used so the client does not have to send its username and password over the network on every request, or repeat the full OAuth flow each time.

Bearer Tokens:

Encoded tokens (in this course, JSON Web Tokens) that "bear" or "contain" enough information for the server to accept that any request presenting a valid, unexpired token comes from a client that authenticated earlier, whether with Basic auth or through an OAuth flow. The name is literal: whoever bears the token can use it, so a bearer token must only travel over TLS and should carry a short expiry.

Bearer Tokens:

  • are sent to the client once the initial sign-in has completed.
  • The client must attach that token to every subsequent request, in the Authorization header:
  • Authorization: Bearer encoded.jsonwebtoken.here
  • The server decodes the token, verifies its signature and expiry (no password check is repeated), and then grants or denies access.
  • In Express servers this is done in middleware, in conjunction with a user model that maps the token's subject back to an account.