Bearcaps
A URI scheme combining URLs with a Bearer token needed to access them.
What are bearcaps?
In certain cases, resources may not be publically available and may require a token to successfully fetch them. This is typically done by using an HTTP Authorization
header containing a Bearer
token, like so:
GET https://example.com/foo
Authorization: Bearer <token>
Bearcaps allow for a way to link to a resource with the token included, like so:
bear:?t=<token>&u=https://example.com/foo'
To translate a bearcap to an HTTP request, simply make a request to the u
parameter and attach the t
parameter as a Bearer
token in the Authorization
header.
How are bearcaps used in Mastodon?
As of v3.3.0, Mastodon supports dereferencing bearcaps in a received Activity. Bearcap are not used for sending any Activity yet.
Last updated December 27, 2020 · Improve this page