Certyneo
Glossary term · B

Bearer token

Definition

A bearer token is an API access token that grants whoever holds ("bears") it the right to access protected resources, without any further proof of identity — possession alone is sufficient, like cash. It is transmitted in the HTTP header Authorization: Bearer <token>.

In OAuth 2.0, bearer tokens are the standard access-token format; they are typically short-lived and carry scopes that bound what the holder may do. Certyneo's REST API uses bearer tokens to authenticate programmatic calls: creating envelopes, querying status, configuring webhooks and downloading signed documents.

Security implications: because the token is the credential, it must travel only over TLS, never be exposed client-side or logged, and be rotated regularly; a leaked bearer token is as dangerous as a leaked password until it expires or is revoked.

Good practice: scope each token to the minimum required permissions, set a short expiry, and prefer per-integration tokens so that one can be revoked without affecting the others.
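The practices above, as an added example that is not Certyneo's own code: a stdlib-only Python helper that refuses to send a bearer token over plaintext HTTP, after expiry or for a call outside its scopes, parses the Authorization header on the server side using the RFC 6750 token syntax, and redacts tokens from log lines. The scope names used in the test (such as "envelopes:read") are constructed placeholders, not Certyneo's real scopes.

```python
import re
import time
from typing import List, Optional
from urllib.parse import urlsplit

# Token syntax from RFC 6750 ("b64token"): base64url-style characters plus optional '=' padding.
_TOKEN_CHARS = r"[A-Za-z0-9\-._~+/]+=*"
_BEARER_RE = re.compile(rf"^Bearer\s+({_TOKEN_CHARS})$", re.IGNORECASE)


class BearerToken:
    """A bearer token plus the metadata needed to use it safely (expiry, scopes)."""

    def __init__(self, value: str, expires_at: float, scopes):
        self._value = value           # the secret itself; never printed or logged
        self.expires_at = expires_at  # POSIX timestamp after which the token is dead
        self.scopes = set(scopes)     # constructed scope names, e.g. "envelopes:read"

    def __repr__(self) -> str:
        # Redacted form so accidental logging shows only a short suffix for correlation
        return f"BearerToken(...{self._value[-4:]}, scopes={sorted(self.scopes)})"

    def problems(self, url: str, required_scope: str, now: Optional[float] = None) -> List[str]:
        """Return every reason this token must NOT be sent for the given call (empty = safe)."""
        now = time.time() if now is None else now
        issues = []
        if urlsplit(url).scheme != "https":
            issues.append("plaintext transport: bearer tokens travel only over TLS")
        if now >= self.expires_at:
            issues.append("token expired: obtain a fresh one instead of retrying")
        if required_scope not in self.scopes:
            issues.append(f"missing scope {required_scope!r}: request a token that has it")
        return issues

    def authorization_header(self, url: str, required_scope: str, now=None) -> dict:
        """Build the 'Authorization: Bearer <token>' header, or refuse to build it."""
        issues = self.problems(url, required_scope, now)
        if issues:
            raise PermissionError("; ".join(issues))
        return {"Authorization": f"Bearer {self._value}"}


def parse_bearer(authorization: str) -> Optional[str]:
    """Server side: extract the token from an Authorization header value, or None if malformed."""
    match = _BEARER_RE.match(authorization.strip())
    return match.group(1) if match else None


def redact(line: str) -> str:
    """Mask any bearer token that leaked into a log line before it is written."""
    return re.sub(rf"(Bearer\s+){_TOKEN_CHARS}", r"\1[REDACTED]", line, flags=re.IGNORECASE)
```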

Ready to put these concepts into practice?

Certyneo allows you to create signature envelopes compliant with eIDAS in just a few clicks, without installation.