Authorization Bearer Token Example

Authorization Bearer Token Example

What are Authorization Bearer Tokens and examples of how to include them in an HTTP request.

This guide tells you all about Authorization Bearer tokens and how they can be used to make an HTTP request secure.

This guide is a general approach to Bearer tokens, however, we will include extra information on how they are used to add extra security to export URLs made with CSV Getter.

When you use a URL, you are making an HTTP request. Some URLs are open, and will give a 200 response to indicate the request has been successful. When an HTTP request requires authorisation, the URL is essentially asking for a password so that it can return data. Failing to provide this 'password' and the user can expect a 401 error code which means unauthorized or access denied.

There are different types of ways to provide the 'password' depending on how the URL server works. JWT tokens and API keys are some examples - learn more about them here. This article focuses on how Bearer tokens are used to Authenticate HTTP requests.

A bearer token can be included in a request by adding an Authorization request header with the prefix "Bearer ". A request header is essentially a way of adding a little bit of extra information when accessing a URL so the server understands how to process a request. (More information here).

It is easy to experiment with request headers using an app like Postman. Postman acts a bit like an internet browser, and is good for accessing URLs which do not necessarily return HTML web pages, and require certain request headers.

Below is an example of making an authorized http request using the Bearer token abc123 in Postman. Notice how the Bearer token is set to the request header with the key Authorization.

Making an http request with a bearer token in postman

With the correct bearer token, the URL will give a 200 response and the expected data.

successful postman request

With an incorrect or missing token, the URL will give a 401 response and an error message.

receiving a 401 error in postman

Here is another example of making the same request but using a programming language like Python.

import requests

url = "https://api.csvgetter.com/yj4iuhzWUJnVSE9U44A1"

payload = {}
headers = {
  'Authorization': 'Bearer abc123'
}

response = requests.request("GET", url, headers=headers, data=payload)

print(response.text)

Authorization headers can also be passed into No-code tools like Make or Zapier. Below shows how to use the Bearer token in Make's HTTP module. Be sure you select the correct HTTP module. The Make a request module allows you to flexibly add http headers and set a bearer token like in the below example.

Setting a bearer token using Make's HTTP module

If you have built an API with CSV Getter, you may want to add this extra layer of security to your endpoint by adding the bearer token requirement. You can do this using the "Edit URL" Screen. In the example below, we have uploaded a CSV with currency data, and we would like to make any incoming HTTP requests require the bearer token abc123.

Enable Auth

With this setting in place, users of this API endpoint will need to provide a bearer token in order to access the data.

Gavin
Gavin