diff --git a/lib/ruby_llm/mcp/auth.rb b/lib/ruby_llm/mcp/auth.rb
index f74aa6b..81ed1a3 100644
--- a/lib/ruby_llm/mcp/auth.rb
+++ b/lib/ruby_llm/mcp/auth.rb
@@ -54,7 +54,9 @@ def expires_soon?
         # Format token for Authorization header
         # @return [String] formatted as "Bearer {access_token}"
         def to_header
-          "#{@token_type} #{@access_token}"
+          token_type = @token_type.to_s.strip
+          token_type = "Bearer" if token_type.empty? || token_type.casecmp("bearer").zero?
+          "#{token_type} #{@access_token}"
         end
 
         # Serialize token to hash
diff --git a/spec/ruby_llm/mcp/auth/token_spec.rb b/spec/ruby_llm/mcp/auth/token_spec.rb
new file mode 100644
index 0000000..aa93c46
--- /dev/null
+++ b/spec/ruby_llm/mcp/auth/token_spec.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require "spec_helper"
+
+RSpec.describe RubyLLM::MCP::Auth::Token do
+  describe "#to_header" do
+    it "formats default bearer token type" do
+      token = described_class.new(access_token: "abc123")
+
+      expect(token.to_header).to eq("Bearer abc123")
+    end
+
+    it "normalizes lowercase bearer token type to canonical Bearer" do
+      token = described_class.new(access_token: "abc123", token_type: "bearer")
+
+      expect(token.to_header).to eq("Bearer abc123")
+    end
+
+    it "preserves non-bearer token types" do
+      token = described_class.new(access_token: "abc123", token_type: "DPoP")
+
+      expect(token.to_header).to eq("DPoP abc123")
+    end
+  end
+end