RFC 6750 — The OAuth 2.0 Authorization Framework: Bearer Token Usage by node

This document specifies how to use a bearer token to access OAuth 2.0 protected resources. Any party in possession of a bearer token can use it; bearer tokens must therefore be protected from disclosure in storage and in transport.