The Katana bearer token authentication middleware tries to retrieve tokens from the HTTP Authorization header with a scheme of Bearer by default. You can customize this behavior by providing a so called Provider (this is a common pattern in Katana). … Continue reading Retrieving bearer tokens from alternative locations in Katana/OWIN