diff --git a/lib/handlers/authenticate-handler.js b/lib/handlers/authenticate-handler.js
index 7724742b..4e7ea36f 100644
--- a/lib/handlers/authenticate-handler.js
+++ b/lib/handlers/authenticate-handler.js
@@ -146,7 +146,7 @@ AuthenticateHandler.prototype.getTokenFromRequest = function(request) {
 
 AuthenticateHandler.prototype.getTokenFromRequestHeader = function(request) {
   const token = request.get('Authorization');
-  const matches = token.match(/^Bearer\s(\S+)/);
+  const matches = token.match(/^Bearer\s([0-9a-zA-Z-._~+/]+=*)$/);
 
   if (!matches) {
     throw new InvalidRequestError('Invalid request: malformed authorization header');