Authorization header not visible in API request for test environment only

This problem is only noticed in test environment.

Prod environment works fine.

I used the following method in swagger spec for Authorization JWT token. The API uses an apikey to validate requests.

      security:
        - apiClientId: []  
.
.
.
 securitySchemes:
    apiClientId:
      type: apiKey
      in: header
      name: x-apikey

In Prod environment, when I trace the request I can see Authorization request header is passed.

But in test environment its not part of the request.

If I add this to swagger spec:

      security:
        - apiClientId: []    
        - bearerAuth: []
.
.
.

  securitySchemes:
    apiClientId:
      type: apiKey
      in: header
      name: x-apikey
    bearerAuth:            
      type: http
      scheme: bearer
      bearerFormat: JWT 

This will work as it passes the Authorization header in request. However, I dont want to use this approach because even though it works in test environment, it behaves different in prod.

In prod environment, it will ask for basic authentication.

Please advice if this is a bug or there is a solution.

Hi @charvi gahlot,

That’s highly unlikely situation you’re describing, I do not think if there’s such bugs. So If your configurations are proper across all your environments, above should just works and behavior should be the same.

I’d like to ask what leads you to conclude -

| This problem is only noticed in test environment.

Can you also share the screen shot of the trace session for both test/prod possibly so can look further?