When I send a request with an authorization header to an API hosted on Vercel, the API cannot access that header. I logged the incoming headers and found that the authorization header is missing. How can I fix this?
Hi @heshanthenura, welcome to the Vercel Community!
Thanks for posting your question here. Could you please share a code snippet of where you are trying to access the header?
Also, it’d be helpful to add context about the tech stack and other details about your project to help community members suggest solutions.
Thanks @heshanthenura.
Could you also share the code that makes the get request? So we can confirm if the headers are being sent correctly.
Also, can you confirm if the headers are received when you run the application locally?
this is how i do when i hosted
Content-Length: 0
X-Vercel-Ip-Country-Region: 4
X-Vercel-Internal-Intra-Session: 3.Rk1BTUJSQ3ZTVHlEM1NHc4jKHVOWQYeuaHDMCpETpxLkT2jwDeIVyt9DBsOo6ygP
X-Vercel-Proxied-For: 112.135.56.223
X-Vercel-Ip-Country: LK
X-Real-Ip: 112.135.56.223
X-Forwarded-Host: gayaai-v2-backend.vercel.app
X-Vercel-Forwarded-For: 112.135.56.223
X-Vercel-Id: sin1::nfg8l-1736325249398-7138dbc73478
X-Vercel-Ja4-Digest: t13d3112h2_e8f1e7e78f70_b26ce05bbdd6
X-Vercel-Proxy-Signature-Ts: 1736325549
X-Vercel-Ip-As-Number: 9329
Forwarded: for=112.135.56.223;host=gayaai-v2-backend.vercel.app;proto=https;sig=0QmVhcmVyIDQ3YWQ4Y2FkMjc1MDY5ZWJmYTE5ZDM4NGYyNjY1Nzg0MGRlMmQ4YWY1MzIyYWI3NmM5OTYxMzhiNTA5YTcyNWY=;exp=1736325549
Accept: */*
X-Vercel-Internal-Ingress-Bucket: bucket017
Accept-Encoding: gzip
Test: asdada
X-Vercel-Ip-Latitude: 9.6708
X-Forwarded-Proto: https
X-Vercel-Ip-Longitude: 80.0067
X-Vercel-Ip-Continent: AS
X-Vercel-Ip-City: Jaffna
X-Vercel-Deployment-Url: gayaai-v2-backend-kv2wi38lb-heshanthenuras-projects.vercel.app
X-Vercel-Ip-Postal-Code: 40000
X-Vercel-Proxy-Signature: Bearer 47ad8cad275069ebfa19d384f26657840de2d8af5322ab76c996138b509a725f
X-Forwarded-For: 112.135.56.223
User-Agent: insomnia/10.3.0
X-Vercel-Ip-Timezone: Asia/Colombo
Host: gayaai-v2-backend.vercel.app
X-Min-Bytecode-Size: 300000
X-Max-Bytecode-Size: 31457280
Connection: close
it got all except authorization header
Hi @heshanthenura, I tried recreating the python example in http server and it works for me
from http.server import BaseHTTPRequestHandler
class handler(BaseHTTPRequestHandler):
def do_GET(self):
authheader = self.headers.get('Authorization')
print('Auth header is: ' + str(authheader))
self.send_response(200)
self.send_header('Content-type', 'text/plain')
self.end_headers()
response_message = 'Hi at ' + self.path + ' , world!'
self.wfile.write(response_message.encode('utf-8'))
See the outcome below:
If you need more help, please share your public repo or a minimal reproducible example. That will let us all work together from the same code to figure out what’s going wrong.
hellow, you checked it? 
Hi @heshanthenura, sorry for the delayed reply. But, I wasn’t able to recreate this issue on my repository you shared. I could see the Authorization header coming through in Vercel logs:
This is the code that I deployed to Vercel:
I hope this helps.
Thank you for your time, I’ll check and tell you 
in your insomnia look its bad request 404
Hi @heshanthenura, yes, it’s a 400 BAD Request because I don’t have a valid token, which your application expects.
What’s important to note is that the Authorization header value came through to the application code (visible in the logs).
I hope this was helpful.
1 Like
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.