diff --git a/auth.go b/auth.go
index 0fbe841..fc927c4 100644
--- a/auth.go
+++ b/auth.go
@@ -51,8 +51,7 @@ func (app *appContext) authenticate(gc *gin.Context) {
 respond(401, "Unauthorized", gc)
 return
 }
- creds, _ := base64.StdEncoding.DecodeString(header[1])
- token, err := jwt.Parse(string(creds), checkToken)
+ token, err := jwt.Parse(string(header[1]), checkToken)
 if err != nil {
 app.debug.Printf("Auth denied: %s", err)
 respond(401, "Unauthorized", gc)
@@ -103,7 +102,7 @@ type getTokenDTO struct {
 }
 
 // @Summary Grabs an API token using username & password.
-// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer ".
+// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer `your api key`".
 // @Produce json
 // @Success 200 {object} getTokenDTO
 // @Failure 401 {object} stringResponse
diff --git a/ts/modules/common.ts b/ts/modules/common.ts
index 12eb1c4..209cb19 100644
--- a/ts/modules/common.ts
+++ b/ts/modules/common.ts
@@ -48,7 +48,7 @@ export const _get = (url: string, data: Object, onreadystatechange: () => void):
 let req = new XMLHttpRequest();
 req.open("GET", url, true);
 req.responseType = 'json';
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));
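Review bot: The `string(header[1])` conversion on the new `jwt.Parse` line is a no-op, because the removed line passed `header[1]` directly to `DecodeString`, which accepts a string; `token, err := jwt.Parse(header[1], checkToken)` reads more plainly. With the base64 layer gone, the header value reaches the JWT parser verbatim, so acceptance rests entirely on `checkToken` and whatever claim checks follow this hunk, neither of which is visible here; it is worth confirming that `checkToken` rejects any signing method other than the one the server issues. This is also a wire-format change, so any API client still sending the base64-wrapped token will presumably be answered with 401 until it is updated, which deserves a line in the commit message or changelog. The body of `authenticate` starts and ends outside the hunk.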
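Review bot: The `"Bearer " + window.token` expression is now written out separately in `_get`, `_post` and `_delete` (this hunk and the two that follow), and this commit had to edit all three in step with the server; a single helper such as `const authHeader = (): string => "Bearer " + window.token;` would make the token's wire format a one-place change. If `window.token` is unset when one of these helpers runs, the header sent is the literal `Bearer undefined`; whether that can happen before login is not visible here, but a guard that skips the request when no token is held would avoid a guaranteed 401 round trip. The bodies of all three functions extend beyond their hunks.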
@@ -60,7 +60,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
 if (response) {
 req.responseType = 'json';
 }
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));
@@ -69,7 +69,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
 export function _delete(url: string, data: Object, onreadystatechange: () => void): void {
 let req = new XMLHttpRequest();
 req.open("DELETE", url, true);
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));