25 lines
856 B
Markdown
25 lines
856 B
Markdown
---
|
||
title: "Bearer-Token-Authentication"
|
||
type: concept
|
||
tags: []
|
||
sources: [expose-hermes-agent-as-an-openai-compatible-api-for-any-frontend]
|
||
last_updated: 2026-05-02
|
||
---
|
||
|
||
## Definition
|
||
Bearer Token Authentication 是一种 HTTP 认证机制,通过 `Authorization: Bearer <token>` 请求头传递令牌来验证 API 请求的合法性。
|
||
|
||
## Usage in Hermes Agent
|
||
Hermes Agent API Server 使用 Bearer Token 认证:
|
||
- **环境变量**:`API_SERVER_KEY` 设置认证密钥
|
||
- **请求格式**:`Authorization: Bearer <API_SERVER_KEY>`
|
||
- **适用场景**:任何调用 API Server 的客户端
|
||
|
||
## Security Notes
|
||
- 当 API Server 绑定到非 loopback 地址(如 `0.0.0.0`)时,必须配置 `API_SERVER_KEY`
|
||
- 默认绑定 `127.0.0.1:8642` 时仅本地访问可用,认证可选
|
||
|
||
## Related
|
||
- [[OpenAI-Compatible-API]]
|
||
- [[Multi-Profile-Isolation]]
|