Ask a Question

Missing header

New Contributor

Missing header

When submitting a request with an Authorization header, it seems to be stripped out when it is received.  Message returned is "Bad Request: The authorization header is null or empty or isn't bearer. Please contact support."  Developers verify that the header is missing, not that the token is null or empty.


Request works fine in Postman, just not Ready API.  This broke when the service was moved to Azure. 


Community Hero

Hey @jodydowling,

So the request doesnt even include the Authorization header, not that the value is blank, right?

Well thats a new one on me.

Can you clarify the authorisation scheme being used in your request? Basic auth? OAuth?
When you use (for example) basic auth, the Auth header is dynamically created based on (if i can remember correctly) a base64 encode of the username and password. If for some reason the Authorization header isnt being generated or the value isnt being generated you can hard code the Authorization header (along with the value) to force the presence of the missing Auth header in your request.

When you add the header, make sure you spell it correctly or it wont work.
The reason im saying this is that (im british and you spell Authorization as Authorisation...however, the headers spelling is US english....spelled with the 'z'

Ok, thats it. Force the presence of the header by actually adding an Authorization header and you should be golden!

Nice one,

if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta
SmartBear Alumni (Retired)

Thanks a lot for the valuable input here Richie🙂


Hi @jodydowling! Does this advice help?

Sonya Mihaljova
Community and Education Specialist

I manually add the header and it appears in the Raw Request, however, I still get the message.  As noted in my original inquiry, this works fine in Postman and worked previously in Ready API.  It broke when the service was moved to AZURE.  I suspect that some security function is stripping out the header, but was looking to see if anyone else has experienced any issues after the services moved to the cloud.


Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "GetABCMetaData"
Authorization: Bearer eyJhbGciOiJSUzI1UrkpgYaXznJhPNPCEfbnsLJiJYwg
ClientID: A42F5
Content-Length: 937
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.2 (Java/12.0.1)

Showing results for 
Search instead for 
Did you mean: