On-Premise Provisioning Supported HTTP Header Names

This article explains the supported values for the "HTTP Header Name" field when configuring provisioning for a custom SCIM app that uses the on-premise provisioning agent. If an invalid header name is used, the following error may be seen when testing the connector's configuration:

Invalid Authentication Header Parameter: <header_name> for the SCIM Connector

• On-Premise Provisioning
• OPP Agent
• System for Cross-domain Identity Management (SCIM)
• Okta Identity Engine (OIE)
• Okta Classic Engine

For security reasons, in the Okta release v2026.01.1 (fix OKTA-1000055), the SCIM app On-Premises Provisioning HTTP header name field for SCIM integration has been input-validated.

Only the header name Authorization is supported as of now.

To resolve this issue, follow the steps mentioned below:

1. Update the on-premises SCIM server to accept the header name Authorization.
2. Set the Authorization value in the Okta app, then click on Test Connector Configuration to verify, as shown in the example below:

3. Click Save.

NOTE: If there is a use case for other values, please raise this on Okta Ideas for consideration by following the steps outlined in the How to Submit a Feature or Enhancement Request using Okta Ideas documentation.