Support for OAuth 2.0 Authorization with "Bearer" token

Hi, I was wondering if it would be possible for kraken to support OAuth requests when the header is in the form:

Authorization: Bearer [access token]

As specified in RFC6750 and referenced in RFC6749.


curl -H "Authorization: Bearer [my token omitted]" -X GET

{"error":"Unauthorized","status":401,"message":"Token invalid or missing required scope"}

where as

curl -H "Authorization: OAuth [my token omitted]" -X GET


{"display_name":qwerty","_id":12312345,"name":"qwerty",.., etc.}

Thanks for providing the Twitch Web API.


1 Like

+1 – I would love to see this feature but I don’t think I would use it… I’m kinda scared of using Bearer tokens… they rely solely on SSL/TLS for its security and they are some kind of cookies…


1 Like

+1. Supporting the standard authorization type Bearer in addition to OAuth should be pretty simple to implement and wouldn’t break backward compatibility. This small change would significantly simplify using the Twitch API with existing OAuth libraries.