> That is used everywhere - take a look at any random API and there is roughly 90% chance that this is the authentication mechanism used.

I have no idea where you got that idea from. I'm yet to work in a project where any service doesn't employ a mix of bearer token authentication schemes and API keys.