Access tokens are credentials used to access protected resources. Access tokens are used as bearer tokens . A bearer token means that the bearer (who holds the access token) can access authorized resources without further identification. Because of this, it is important that bearer tokens be protected.