Grafana Alloy is the new name for our distribution of the OTel collector. Grafana Agent has been deprecated and is in Long-Term Support (LTS) through October 31, 2025. Grafana Agent will reach an End-of-Life (EOL) on November 1, 2025. Read more about why we recommend migrating to Grafana Alloy.

Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Open source


otelcol.auth.bearer exposes a handler that can be used by other otelcol components to authenticate requests using bearer token authentication.

NOTE: otelcol.auth.bearer is a wrapper over the upstream OpenTelemetry Collector bearertokenauth extension. Bug reports or feature requests will be redirected to the upstream repository, if necessary.

Multiple otelcol.auth.bearer components can be specified by giving them different labels.


otelcol.auth.bearer "LABEL" {
  token = "TOKEN"


otelcol.auth.bearer supports the following arguments:

tokensecretBearer token to use for authenticating requests.yes

Exported fields

The following fields are exported and can be referenced by other components:

handlercapsule(otelcol.Handler)A value that other components can use to authenticate requests.

Component health

otelcol.auth.bearer is only reported as unhealthy if given an invalid configuration.

Debug information

otelcol.auth.bearer does not expose any component-specific debug information.


This example configures otelcol.exporter.otlp to use bearer token authentication:

otelcol.exporter.otlp "example" {
  client {
    endpoint = "my-otlp-grpc-server:4317"
    auth     = otelcol.auth.bearer.creds.handler

otelcol.auth.bearer "creds" {
  token = env("API_KEY")