/Knowledge/sources/honojs__hono/llms-full/bearer-auth-middleware-usage--6d6322d0eaa7.md
Bearer Auth Middleware: Usage - hono-docs
Bearer Auth Middleware: Usage Source evidence: /Sources/honojs hono/provenance.md Canonical citation: https://hono.dev/llms full.txt usage Summary [!NOTE] Yo...
Bearer Auth Middleware: Usage
Source evidence: /Sources/honojs__hono/provenance.md Canonical citation: https://hono.dev/llms-full.txt#usage
Summary
[!NOTE] > Your
tokenmust match the regex/[A-Za-z0-9._~+/-]+=*/, otherwise a 400 error will be returned. Notably, this regex accommodates both URL-safe Base64- and standard Base64-encoded JWTs. This middleware does not require the...
Content
[!NOTE] Your
tokenmust match the regex/[A-Za-z0-9._~+/-]+=*/, otherwise a 400 error will be returned. Notably, this regex accommodates both URL-safe Base64- and standard Base64-encoded JWTs. This middleware does not require the bearer token to be a JWT, just that it matches the above regex.
const app = new Hono()
const token = 'honoiscool'
app.use('/api/*', bearerAuth({ token }))
app.get('/api/page', (c) => {
return c.json({ message: 'You are authorized' })
})
To restrict to a specific route + method:
const app = new Hono()
const token = 'honoiscool'
app.get('/api/page', (c) => {
return c.json({ message: 'Read posts' })
})
app.post('/api/page', bearerAuth({ token }), (c) => {
return c.json({ message: 'Created post!' }, 201)
})
Metadata
{
"chunk_index": 0,
"citation": "https://hono.dev/llms-full.txt#usage",
"coverage_role": "overview",
"qualified_title": "Hono / llms-full / Bearer Auth Middleware > Usage (1)",
"retrieved_at": "2026-07-02T05:51:01Z",
"section_index": 250,
"source_id": "/honojs/hono",
"source_type": "llms_full",
"target_label": "llms-full",
"title": "Bearer Auth Middleware: Usage",
"upstream_url": "https://hono.dev/llms-full.txt",
"version": "2026"
}