diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md
index b2695a990..c6a888720 100644
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -128,7 +128,8 @@ Then go to `/swagger` and use `GET /auth/token` end-point.
 ### Supplying the Token In API endpoint calls, add the `Authorization` HTTP header with a value of `Token `. For example, for a token `1234`, include the header:
-`Authorization: Token 1234`.
+`Authorization: Bearer 1234` (following OAuth2 RFC 6750) or
+`Authorization: Token 1234` (following Django rest framework).
 ## Scripts
diff --git a/dandiapi/api/auth.py b/dandiapi/api/auth.py
new file mode 100644
index 000000000..8e049bd60
--- /dev/null
+++ b/dandiapi/api/auth.py
@@ -0,0 +1,14 @@
+from rest_framework.authentication import TokenAuthentication
+
+
+class BearerTokenAuthentication(TokenAuthentication):
+    """
+    To support not only DRF specific but also a standard oauth2 "Bearer" Authorization
+
+    Supporting both "token" and "Bearer" authorization requests is similar to GitHub behavior:
+    See https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api?apiVersion=2022-11-28
+
+    The recipe from https://github.com/encode/django-rest-framework//commit/ffdac0d93619b7ec6039b94ce0e563f0330faeb1
+    """
+    keyword = 'Bearer'
+
diff --git a/dandiapi/settings.py b/dandiapi/settings.py
index 5550e116e..ed0ac134e 100644
--- a/dandiapi/settings.py
+++ b/dandiapi/settings.py
@@ -57,6 +57,7 @@ def mutate_configuration(configuration: type[ComposedConfiguration]):
             # TODO: remove TokenAuthentication, it is only here to support
             # the setTokenHack login workaround
             'rest_framework.authentication.TokenAuthentication',
+            'dandiapi.api.auth.BearerTokenAuthentication',
         ]

     # Caching
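Review bot: The docstring on `BearerTokenAuthentication` cites RFC 6750 and "standard oauth2" but the class only overrides `keyword`, so the credential presented as `Bearer` is the very same DRF token, validated by the inherited `TokenAuthentication` logic with none of the OAuth2 properties a reader might infer from the reference (no expiry, scopes or introspection are added here). I would say that explicitly so nobody treats the `Bearer` path as a hardened alternative: `"""Accept the DRF auth token under the RFC 6750 ``Bearer`` scheme. Only the ``Authorization`` keyword differs from ``TokenAuthentication``; the token value, lookup and checks are inherited unchanged, so this adds no OAuth2 semantics."""`, followed by the existing GitHub pointer. The second link has a doubled slash (`django-rest-framework//commit/`) that should be `django-rest-framework/commit/`. Also consider a short note that the `Bearer` keyword is matched by the inherited DRF parser, which as far as I recall compares the scheme case-insensitively, so `bearer 1234` is accepted as well; worth confirming and documenting since the DEVELOPMENT.md text now advertises exact spellings.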
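Review bot: The TODO comment directly above the new `'dandiapi.api.auth.BearerTokenAuthentication'` entry says `TokenAuthentication` exists only for the setTokenHack workaround and should be removed, but this commit makes the DRF token a documented, supported credential under two header schemes (see the DEVELOPMENT.md hunk), so acting on that TODO would now break a published API contract rather than just clean up a hack; the comment should be updated, e.g. `# NOTE: BearerTokenAuthentication below accepts the same token under the ``Bearer`` scheme; both are documented in DEVELOPMENT.md, so removing TokenAuthentication is an API change.` Separately, if I remember DRF correctly the 401 `WWW-Authenticate` challenge is built from the first authentication class in this list, so the `Bearer` scheme is never advertised to clients with this ordering — worth confirming and deciding whether the RFC 6750 clients the docs now target care. The enclosing `mutate_configuration` body and the opening of this list start outside the hunk, so I cannot see what precedes `TokenAuthentication` in the list.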