---
title: Authentication - Beeper Developer Docs
description: Authentication methods for Beeper Desktop API
lastUpdated: 2026-02-23T00:29:17.000Z
---

Beeper Desktop API requires an access token for all endpoints.

## Create a token

- [In app](#tab-panel-4)
- [OAuth](#tab-panel-5)

1. **[Make sure Beeper Desktop API is enabled and running](/desktop-api#get-started/index.md)**
2. **Open Settings** → **Developers** in Beeper Desktop
3. **Click the ”+” button** next to “Approved connections”
4. **Follow the instructions to create your token**

If you want to allow your users to interactively allow your application to access their Beeper Desktop, you can use OAuth 2.0 with [PKCE](https://oauth.net/2/pkce/) for authentication.

[RFC 8414](https://datatracker.ietf.org/doc/html/rfc8414) compliant metadata is available at `http://localhost:23373/.well-known/oauth-authorization-server`

Built-in MCP server uses OAuth natively for authentication. See the [authorization](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization) page of the MCP specification for more details.

[Get in touch with us](mailto:help@beeper.com) for help, questions, or feedback.

## Use your token

All requests to Beeper Desktop API, including requests to the MCP endpoints (`/v0/mcp`, `/v0/sse`), support the `Authorization` header with the `Bearer` token for authentication.

When used with the MCP server, MCP authentication is bypassed and the token is used directly.

```
Authorization: Bearer <your_token>
```

## Desktop API discovery and introspection

- `GET /v1/info` returns metadata about the active Desktop API server and exposes endpoint URLs for discovery.

OAuth token introspection is available via `POST /oauth/introspect` and accepts form-encoded payloads:

```
Content-Type: application/x-www-form-urlencoded


token=<your_token>&token_type_hint=access_token
```

The endpoint returns `active: true` with token metadata (when active), or `active: false` for inactive/invalid tokens.