Securityflags: i

Bearer Token (Authorization Header)

Match Bearer token values from HTTP Authorization headers, capturing the raw token string.

Try it in RegexPro →

Available in

JSSupported

JavaScript / ECMAScript

Browser-native RegExp. Default if you don't pick.

PYSupported

Python (re)

CPython stdlib `re`. Unicode-aware `\w` and `\d` by default.

GOSupported

Go (RE2)

Linear-time matching. No backreferences or lookarounds.

Pattern

regexengine-agnostic

Bearer\s+([A-Za-z0-9\-._~+\/]+=*)   (flags: i)

Raw source: Bearer\s+([A-Za-z0-9\-._~+\/]+=*)

How it works

Bearer\s+ matches the scheme keyword (case-insensitive via i flag) and required whitespace. ([A-Za-z0-9\-._~+\/]+=*) captures the token value using the set of characters allowed in OAuth 2.0 Bearer tokens, with optional trailing = padding.

Examples

Input

Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.abc.def

Matches

Bearer eyJhbGciOiJIUzI1NiJ9.abc.def

Input

bearer some_token_value==

Matches

bearer some_token_value==

Input

Basic dXNlcjpwYXNz

No match

—

Common use cases

•API gateway log parsing and token redaction
•Auth middleware token extraction
•HTTP request replaying and debugging
•Security audit of log files for exposed tokens

←PreviousCSS hsl() / hsla() Color

All patterns

NextPEM Certificate Block→