What is Bearer token in Postman?

Postmantesting~5 mins

Bearer token in Postman

Choose your learning style9 modes available

Learn Why Deep Trace Try Challenge Automate Recall Frame

Introduction

A Bearer token is a secret key used to prove who you are when you ask a server for data. It helps keep your information safe.

When you want to access a website or API that needs you to log in first.

When testing secure APIs that require user authentication.

When automating tests that need to send a token to prove identity.

When checking if the server correctly accepts or rejects requests with tokens.

When debugging issues related to access permissions in APIs.

Syntax

Postman

Authorization: Bearer <token>

The word Bearer is followed by a space and then the token string.

This header is added to HTTP requests to prove your identity.

Examples

This example shows a simple Bearer token string used in the Authorization header.

Postman

Authorization: Bearer abc123xyz456

This example shows a JSON Web Token (JWT) as a Bearer token, which is common in APIs.

Postman

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Sample Program

This is a simple HTTP GET request to fetch a user profile. The Bearer token is sent in the Authorization header to prove the user is allowed to see this data.

Postman

GET /api/user/profile HTTP/1.1
Host: example.com
Authorization: Bearer abc123xyz456

Response:
{
  "id": 1,
  "name": "Alice",
  "email": "alice@example.com"
}

OutputSuccess

Important Notes

Never share your Bearer token publicly; it is like a password.

Tokens usually expire after some time for security reasons.

In Postman, you can set the Bearer token in the Authorization tab for easy reuse.

Summary

Bearer tokens prove your identity when calling APIs.

They go in the Authorization header as: Bearer <token>.

Use them to test secure API endpoints safely.