Description of problem:
Under the “Authentication” section of the API recommended practices page, the instructions read "Include the JWT in an HTTP
Authentication header, e.g.
These instructions are incorrect, and if followed, the header is ignored. The instructions should read "Include the JWT in an HTTP
Authorization header, e.g.
Authorization: Bearer YOUR_JWT"
This agrees with the report in posting https://forum.inaturalist.org/t/how-does-one-turn-an-authorization-code-into-a-jwt/13528 as well as the HTTP spec and I have tested it as working.