0
0
PostmanHow-ToBeginner ยท 3 min read

How to Use Bearer Token in Postman for API Authentication

In Postman, you use a Bearer Token by selecting the Authorization tab, choosing Bearer Token as the type, and then entering your token in the provided field. This token is sent in the Authorization header with your API request to authenticate it.
๐Ÿ“

Syntax

The bearer token is sent in the HTTP header named Authorization with the format:

Authorization: Bearer <token>

Here:

  • Authorization is the header key.
  • Bearer is the authentication scheme.
  • <token> is your secret token string.
http
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
๐Ÿ’ป

Example

This example shows how to set a bearer token in Postman to call a protected API endpoint.

text
1. Open Postman and create a new request.
2. Select the <strong>Authorization</strong> tab.
3. From the <strong>Type</strong> dropdown, select <strong>Bearer Token</strong>.
4. Paste your token string into the <strong>Token</strong> field.
5. Send the request to the API endpoint.

Example token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

The request header will include:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Output
HTTP/1.1 200 OK { "message": "Access granted", "data": {...} }
โš ๏ธ

Common Pitfalls

  • Not selecting Bearer Token as the authorization type causes the token to not be sent correctly.
  • Forgetting to include the word Bearer before the token in manual headers leads to authentication failure.
  • Using an expired or invalid token will result in 401 Unauthorized errors.
  • Placing the token in the wrong header or body instead of the Authorization header.
http
Wrong way:
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Right way:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
๐Ÿ“Š

Quick Reference

StepAction
1Open Postman and create a new request
2Go to the Authorization tab
3Select 'Bearer Token' from the Type dropdown
4Paste your token into the Token field
5Send the request to authenticate
โœ…

Key Takeaways

Always select 'Bearer Token' as the authorization type in Postman to send the token correctly.
The token is sent in the 'Authorization' header with the prefix 'Bearer '.
Ensure your token is valid and not expired to avoid authentication errors.
Do not manually add the 'Authorization' header if using the Bearer Token type in Postman.
Use the Authorization tab in Postman for easier and error-free token management.

Related by keyword

How to Use Postman for API Testing: Step-by-Step GuideGetting StartedHow to Schedule API Monitoring in Postman EasilyMock Server and MonitorHow to Generate API Documentation in Postman EasilyDocumentationHow to Use Postman for API Design: Step-by-Step GuideDocumentationHow to Use Postman Web Version for API TestingGetting Started

Up next

What is Postman: API Testing Tool Explained SimplyWhat Is Postman Used For: API Testing and Development ToolEnvironment vs Global vs Collection Variable in Postman: Key DifferencesHow to Create Environment in Postman: Step-by-Step Guide

More in Requests

How to Make DELETE Request in Postman: Step-by-Step GuideHow to Make GET Request in Postman: Step-by-Step GuideHow to Make PATCH Request in Postman: Step-by-Step GuideHow to Make a POST Request in Postman: Step-by-Step Guide