If you want to just include a specific header then use the Authentication Env Vars: ``` ZAP_AUTH_HEADER_VALUE - if this is defined then its value will be added as a header to all of the requests ZAP_AUTH_HEADER - if this is defined then its value will be used as the header name - if it is not defined then the standard Authorization header will be used ZAP_AUTH_HEADER_SITE - if this is defined then the header will only be included in sites whose name includes its value ``` For anything else start with the ZAP docs: https://www.zaproxy.org/docs/authentication/

Why not just use the authentication env vars supported natively by ZAP?
- ZAP_AUTH_HEADER_VALUE - if this is defined then its value will be added as a header to all of the requests - ZAP_AUTH_HEADER - if this is defined then its value will be used as the header name - if it is not defined then the standard Authorization header will be used - ZAP_AUTH_HEADER_SITE - if this is defined then the header will only be included in sites whose name includes its value
All documented on https://www.zaproxy.org/docs/authentication/handling-auth-yourself/