Authentication¶

Learn how to obtain and use your Minecraft bearer token for secure authentication.

What is a Bearer Token?¶

A bearer token is a secure authentication method that doesn't require your email and password. It's a temporary access token that grants permission to perform actions on your behalf.

Method 1: Browser Developer Tools¶

This is the most straightforward method for getting your bearer token.

Step-by-Step Guide¶

1. Open your browser and navigate to minecraft.net

2. Log in to your Minecraft account

3. Open Developer Tools:

4. Chrome/Edge: Press F12 or Ctrl+Shift+I
5. Firefox: Press F12 or Ctrl+Shift+I

6. Safari: Press Cmd+Option+I

7. Go to the Network tab in Developer Tools

8. Make a request to any Minecraft service (refresh the page or navigate to profile)

9. Find the Authorization header:

10. Look for requests to api.minecraftservices.com or similar
11. Click on a request and look for the Authorization header
12. Copy the value after Bearer (without the "Bearer " prefix)

Visual Guide¶

graph TD
    A[Open minecraft.net] --> B[Login to account]
    B --> C[Open Developer Tools F12]
    C --> D[Go to Network tab]
    D --> E[Refresh page or navigate]
    E --> F[Find API request]
    F --> G[Copy Authorization header]
    G --> H[Extract token after 'Bearer ']

Method 2: Authentication Libraries¶

For more advanced users, you can use Python libraries to authenticate programmatically.

Using minecraft-launcher-lib¶

import minecraft_launcher_lib

# Authenticate with Microsoft account
login_url, state, code_verifier = minecraft_launcher_lib.microsoft_account.get_secure_login_data()
print(f"Please open this URL and login: {login_url}")

# After login, get the code from redirect URL
authorization_code = input("Enter the code from redirect URL: ")

# Get access token
login_data = minecraft_launcher_lib.microsoft_account.complete_login(
    authorization_code, 
    code_verifier, 
    state
)

# Extract bearer token
bearer_token = login_data['access_token']
print(f"Bearer Token: {bearer_token}")

Installation¶

pip install minecraft-launcher-lib

Security Best Practices¶

Token Storage¶

❌ Don't do this:

# config.yaml - DON'T hardcode tokens
snipe:
  bearer_token: "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."

✅ Do this instead:

# config.yaml - Use environment variables
snipe:
  bearer_token: "${MINECRAFT_BEARER_TOKEN}"

# Set environment variable
export MINECRAFT_BEARER_TOKEN="your_actual_token_here"

Token Management¶

• Rotate regularly: Get new tokens periodically
• Monitor expiration: Tokens typically expire after 24 hours
• Secure storage: Use environment variables or secure vaults
• Never share: Keep tokens private and secure

Token Expiration¶

Bearer tokens are temporary and will expire. Common expiration times:

• Microsoft tokens: 1 hour (with refresh capability)
• Minecraft tokens: 24 hours
• Custom implementations: Varies

Handling Expiration¶

# Check if token is still valid
def is_token_valid(token):
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get("https://api.minecraftservices.com/minecraft/profile", headers=headers)
    return response.status_code == 200

# Refresh token if needed
if not is_token_valid(current_token):
    current_token = get_new_token()

Troubleshooting¶

Common Issues¶

"Invalid bearer token" - Token may have expired - Check for extra spaces or characters - Ensure you copied the complete token

"Unauthorized access" - Verify the token is for the correct account - Check if the account owns Minecraft - Ensure proper permissions

"Token not found in requests" - Clear browser cache and cookies - Try a different browser - Ensure you're logged into the correct account

Validation¶

Test your token before using it:

# Test with curl
curl -H "Authorization: Bearer YOUR_TOKEN" \
     https://api.minecraftservices.com/minecraft/profile

Expected response:

{
  "id": "uuid-here",
  "name": "YourMinecraftUsername"
}

Important Notes¶

Next Steps¶

With your bearer token ready, proceed to Basic Usage to start using NameMC Sniper.