You're seeing just the function request_bearer_auth, go back to Oasis.Plug.BearerAuth module for more information.
Link to this function

request_bearer_auth(conn, options \\ [])

View Source

Requests bearer authentication from the client.

It sets the response to status 401 with "Unauthorized" as body. The response is not sent though (nor the connection is halted), allowing developers to further customize it.

A response example:

HTTP/1.1 401 Unauthorized
www-authenticate: Bearer realm="Application",
                  error_description="the access token expired"


  • :realm - the authentication realm. The value is not fully sanitized, so do not accept user input as the realm and use strings with only alphanumeric characters and space.
  • :error - an optional tuple to represent "error" and "error_description" attributes, for example, {"invalid_token", "the access token expired"}