> ## Documentation Index
> Fetch the complete documentation index at: https://docs.alumio.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Oauth2 authentication

> Used to make for HTTP requests that require OAuth 2 authentication.

export const FormField = ({property, label, required = false, diType, uiPatterns, children}) => {
  const patterns = Array.isArray(uiPatterns) ? uiPatterns : uiPatterns ? [uiPatterns] : [];
  return <div style={{
    margin: '1.5rem 0'
  }}>
      <div style={{
    display: 'flex',
    alignItems: 'baseline',
    flexWrap: 'wrap',
    gap: '0.5rem',
    marginBottom: '0.25rem'
  }}>
        <strong>{label}</strong>
        <span style={{
    fontSize: '0.7rem',
    fontWeight: 600,
    textTransform: 'uppercase',
    letterSpacing: '0.04em',
    color: required ? '#6241f5' : '#6b7280'
  }}>
          {required ? 'Required' : 'Optional'}
        </span>
      </div>

      <div>{children}</div>

      {diType || patterns.length > 0 ? <p style={{
    fontSize: '0.85rem',
    color: '#6b7280',
    marginBottom: 0
  }}>
          {diType ? <>
              See the <a href={`/references/${diType}`}>{diType}</a> reference.{' '}
            </> : null}
          {patterns.length > 0 ? <>
              Accepts a <a href={`/documentation/placeholders-and-patterns/patterns#${patterns[0]}`}>pattern</a>.
            </> : null}
        </p> : null}
    </div>;
};

Adds OAuth 2 authentication to an HTTP API connection. Pick the OAuth token you have already set up, and every request the connection sends carries that token in an `Authorization: Bearer <token>` header. If a request comes back rejected because the token has expired, this feature automatically fetches a fresh token and tries the request once more, so you do not have to manage refreshes yourself.

This documentation describes: [Schema](/schemas/http-authentication-configurator/oauth2-bearer)

## Fields

<FormField property="token" label="Token" required diType="oauth-token-reference">
  The OAuth token used to authenticate. You select an OAuth token reference you have already configured; it holds the credentials and the rules for fetching and refreshing the token from your provider.
</FormField>

<FormField property="header" label="Header">
  The name of the HTTP header the token is placed in. Leave it empty to use the standard `Authorization` header. Set a different name only when the API you are calling expects the token somewhere else.
</FormField>

<FormField property="headerContent" label="Header Content">
  The template for the header value. Use `{token}` where the token should go; it is replaced with the live token value. Leave it empty to use the standard `Bearer {token}`, which produces a value like `Bearer your-access-token`. Change it only when the API expects a different prefix or format.
</FormField>

## Sample data

This feature adds authentication to a live HTTP connection rather than transforming data, so there is no before/after to show. A typical configuration looks like this:

| Field          | Value                                     |
| -------------- | ----------------------------------------- |
| Token          | A configured OAuth token reference        |
| Header         | (left empty, so `Authorization` is used)  |
| Header Content | (left empty, so `Bearer {token}` is used) |

With these settings, every request sent over the connection includes a header such as `Authorization: Bearer your-access-token`.

```json Configuration theme={null}
{
  "prototype": "oauth2-bearer",
  "parameters": {
    "token": {
      "prototype": "oauth-token-reference",
      "parameters": {}
    }
  }
}
```
