Extract bearerToken from HTTP headers in streamlit

Below is my react app code, where based on application logic I route it to a streamlit application running on a different server.

We want to authenticate the user at the streamlit application. So, we send the bearerToken as a part of query parameter in the url as below.

Routing to the streamlit application using window.location.href along with sending the bearerToken

window.location.href = `http://streamlit_url?key=` + bearerToken

We receive the bearerToken from query param in streamlit using below code and validate the user:

query_params = st.experimental_get_query_params()
token = query_params["key"]

Sending the bearerToken as part of query param has security issues.

Can someone assist on how to send the bearer token via HTTP header parameter in the react UI component and route it to the streamlit application. So, the bearerToken can be received in the streamlit application and the user can be validated.
Please suggest an alternative solution.