"Because of the security weaknesses associated with the URI method (see Section 5), including the high likelihood that the URL containing the access token will be logged, it SHOULD NOT be used unless it is impossible to transport the access token in the Authorization request header field or the HTTP request entity-body. Resource servers MAY support this method."
This way it's possible to use authentication over headers, put other information into the headers etc.
http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html
2.3. URI Query Parameter
"Because of the security weaknesses associated with the URI method (see Section 5), including the high likelihood that the URL containing the access token will be logged, it SHOULD NOT be used unless it is impossible to transport the access token in the Authorization request header field or the HTTP request entity-body. Resource servers MAY support this method."
Closed, just use a cookie for the authentication.