Error in API Recommended Practices JWT instructions

Platform: Website

Browser: Any

URLs: https://www.inaturalist.org/pages/api+recommended+practices

Description of problem:

Under the “Authentication” section of the API recommended practices page, the instructions read "Include the JWT in an HTTP Authentication header, e.g. Authentication: YOUR_JWT"

These instructions are incorrect, and if followed, the header is ignored. The instructions should read "Include the JWT in an HTTP Authorization header, e.g. Authorization: Bearer YOUR_JWT"

This agrees with the report in the post https://forum.inaturalist.org/t/how-does-one-turn-an-authorization-code-into-a-jwt/13528 as well as the HTTP spec, and I have tested it as working.

2 Likes

the referenced post actually is talking about something slightly different than what the API recommended practices is talking about, but you’re right that the required syntax is the same and that the syntax noted on the recommended practices page is not quite right:

  1. you need to specify an Authorization header, not an Authentication header, and
  2. you need to specify Bearer as the Authorization type (before the token)

1 Like
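The two requirements listed above, written as a request-header check. This is an added example, not code from the thread or from iNaturalist; the function names and the sample token are constructed for illustration. It enforces the `Authorization: Bearer <token>` form that RFC 6750 defines and checks only the token's shape, not its signature.

```python
import re

# JWT compact serialization: three base64url segments separated by dots.
JWT_RE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$")


def check_jwt_headers(headers):
    """Return a list of problems with how a JWT is attached to a request.

    `headers` maps request header names to values. Names are compared
    case-insensitively, as HTTP requires.
    """
    problems = []
    lowered = {name.lower(): value.strip() for name, value in headers.items()}

    # Item 1 in the thread: "Authentication" is not the credential header.
    if "authentication" in lowered:
        problems.append("'Authentication' header present; use 'Authorization'")

    value = lowered.get("authorization")
    if value is None:
        problems.append("no 'Authorization' header")
        return problems

    # Item 2 in the thread: the token follows the Bearer scheme name.
    scheme, _, token = value.partition(" ")
    if not token:
        # A single word means the whole value is the token, with no scheme.
        scheme, token = "", value
    if scheme.lower() != "bearer":
        problems.append("missing or wrong scheme; expected 'Bearer <token>'")
    if not JWT_RE.match(token.strip()):
        problems.append("token is not three base64url segments")
    return problems


def bearer_header(jwt):
    """Build the header in the corrected form quoted in the first post."""
    if not JWT_RE.match(jwt):
        raise ValueError("not a compact JWT")
    return {"Authorization": "Bearer " + jwt}


# Constructed sample token (not a real credential).
SAMPLE_JWT = "eyJhbGciOiJIUzUxMiJ9.eyJ1c2VyX2lkIjoxfQ.c2lnbmF0dXJl"
```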

it looks like the first part of the issue has been addressed. for the second item, i think the need for “Bearer” might actually just depend on what you’re using to make the request. so it’s probably okay that the instructions don’t include “Bearer” (or a note could be added that some clients might require “Bearer”).

it might be time to close the thread.