Skip to main content

Bearer Token, Basic Auth & API Key

Bearer Token

The most common auth type for modern REST APIs and JWTs.

Setup:

  1. Select Bearer Token from the Auth type dropdown
  2. Enter your token in the Token field

Rostyman automatically adds the header:

Authorization: Bearer <your-token>

You can use a variable: {{accessToken}} — useful when a pre-request script fetches a fresh token before each request.

Basic Auth

HTTP Basic Authentication encodes the username and password as Base64 and sends them in the Authorization header.

Setup:

  1. Select Basic Auth
  2. Enter Username and Password

Rostyman adds:

Authorization: Basic <base64(username:password)>

Both fields support {{variables}}.

API Key

Sends an API key either as a request header or as a query parameter.

Setup:

  1. Select API Key
  2. Enter the Key name (e.g., X-API-Key or api_key)
  3. Enter the Value (your API key — use {{apiKey}} variable)
  4. Choose Add to: Header or Query Params

Example — header:

X-API-Key: sk-abc123...

Example — query param:

https://api.example.com/data?api_key=sk-abc123...