diff --git a/core/modules/startup/rootwidget.js b/core/modules/startup/rootwidget.js
index d81e07aee..d96d569c3 100644
--- a/core/modules/startup/rootwidget.js
+++ b/core/modules/startup/rootwidget.js
@@ -52,7 +52,9 @@ exports.startup = function() {
 			basicAuthUsername: params["basic-auth-username"],
 			basicAuthUsernameFromStore: params["basic-auth-username-from-store"],
 			basicAuthPassword: params["basic-auth-password"],
-			basicAuthPasswordFromStore: params["basic-auth-password-from-store"]
+			basicAuthPasswordFromStore: params["basic-auth-password-from-store"],
+			bearerAuthToken: params["bearer-auth-token"],
+			bearerAuthTokenFromStore: params["bearer-auth-token-from-store"]
 		});
 	});
 	$tw.rootWidget.addEventListener("tm-http-cancel-all-requests",function(event) {
diff --git a/core/modules/utils/dom/http.js b/core/modules/utils/dom/http.js
index 65bdfd1e5..f16f1c512 100644
--- a/core/modules/utils/dom/http.js
+++ b/core/modules/utils/dom/http.js
@@ -104,6 +104,8 @@ basicAuthUsername: plain username for basic authentication
 basicAuthUsernameFromStore: name of password store entry containing username
 basicAuthPassword: plain password for basic authentication
 basicAuthPasswordFromStore: name of password store entry containing password
+bearerAuthToken: plain text token for bearer authentication
+bearerAuthTokenFromStore: name of password store entry contain bear authorization token
 */
 function HttpClientRequest(options) {
 	var self = this;
@@ -135,8 +137,11 @@ function HttpClientRequest(options) {
 	});
 	this.basicAuthUsername = options.basicAuthUsername || (options.basicAuthUsernameFromStore && $tw.utils.getPassword(options.basicAuthUsernameFromStore)) || "";
 	this.basicAuthPassword = options.basicAuthPassword || (options.basicAuthPasswordFromStore && $tw.utils.getPassword(options.basicAuthPasswordFromStore)) || "";
+	this.bearerAuthToken = options.bearerAuthToken || (options.bearerAuthTokenFromStore && $tw.utils.getPassword(options.bearerAuthTokenFromStore)) || "";
 	if(this.basicAuthUsername && this.basicAuthPassword) {
 		this.requestHeaders.Authorization = "Basic " + $tw.utils.base64Encode(this.basicAuthUsername + ":" + this.basicAuthPassword);
+	} else if(this.bearerAuthToken) {
+		this.requestHeaders.Authorization = "Bearer " + this.bearerAuthToken;
 	}
 }
 
diff --git a/editions/tw5.com/tiddlers/messages/WidgetMessage_ tm-http-request.tid b/editions/tw5.com/tiddlers/messages/WidgetMessage_ tm-http-request.tid
index d6efcb27c..76797b054 100644
--- a/editions/tw5.com/tiddlers/messages/WidgetMessage_ tm-http-request.tid	
+++ b/editions/tw5.com/tiddlers/messages/WidgetMessage_ tm-http-request.tid	
@@ -28,6 +28,8 @@ The following parameters are used:
 |basic-auth-username-from-store |<<.from-version "5.3.4">> Optional username for HTTP basic authentication, specified as the name of the entry in the password store containing the username |
 |basic-auth-password |<<.from-version "5.3.4">> Optional password for HTTP basic authentication |
 |basic-auth-password-from-store |<<.from-version "5.3.4">> Optional password for HTTP basic authentication, specified as the name of the entry in the password store containing the password |
+|bearerAuthToken |<<.from-version "5.3.6">> Optional plain text token for HTTP bearer authentication |
+|basic-auth-password-from-store |<<.from-version "5.3.6">> Optional token for HTTP bearer authentication, specified as the name of the entry in the password store containing the token |
 |var-* |Variables to be passed to the completion and progress handlers (without the "var-" prefix) |
 |bind-status |Title of tiddler to which the status of the request ("pending", "complete", "error") should be bound |
 |bind-progress |Title of tiddler to which the progress of the request (0 to 100) should be bound |