I was working on a small app last week using the developer docs and was wondering if you could make a correction. The docs suggest that the tokens received for accessing resources are bearer tokens meant to be posted as headers when requesting resources however in practice (at least for the `/athlete/activities` endpoint) the v3 api expects the access_token to be sent as a query parameter. Is there any chance the docs could be updated to reflect this or at least clarify that different resources require different forms of access tokens? What was especially confusing is that when I went through the redirect flow the token was explicitly listed as `token_type: Bearer` which was not correct.
I'm using athlete/activities with the bearer token in the header and I'm convinced everbody else does too. Maybe you have just found an additional way with the query parameter, I didn't have tested that.