asp.net-web-apifiddler
Inspecting bearer token
I have some challenges authentication to WEB API so I started a fiddler to see what going on. I got a bearer token but I am suspecting the framework is not attaching the token to the request.
I cant see any bearer token in the header, is it correct to assume that the bearer token should have been in the header of the request, or can bearer token be added otherwise?
Solution
is it correct to assume that the bearer token should have been in the header of the request
Yes, that's exactly what the response tells you:
HTTP/1.1 401 Unauthorized WWW-Authenticate: Bearer
This means your client should send a Authorization: Bearer $token request header.