Author: steep_45481
Channel: #shelley
Link: https://discord.com/channels/1405685085923049482/1450334528210993295/1497794686751080619
Description
Currently, Shelley always sends an HTTP Authorization header when making requests to custom model endpoints. This causes issues when connecting to endpoints that don't expect or accept this header (e.g., Tailscale Aperture), resulting in 401 errors.
The user needs the ability to configure custom models without an API key, or with a special value that prevents the Authorization header from being sent.
Problem
When connecting to https://aperture.tailscale.com, the Authorization header causes a 401 response even though:
- The VM is joined to the tailnet
- ACLs/grants are configured correctly
- Requests without the Authorization header work successfully
Reproduction
With Authorization header (fails):
curl -s http://ai/v1/chat/completions \
-H "Authorization: foo" \
-H "Content-Type: application/json" \
-d '{
"model": "claude-haiku-4-5",
"messages": [{"role": "user", "content": "hi"}]
}'Result: {"error":{"code":"authentication_error","message":"Invalid Anthropic API Key"}}
Without Authorization header (works):
curl -s http://ai/v1/chat/completions \
-H "Content-Type: application/json" \
-d '{
"model": "claude-haiku-4-5",
"messages": [{"role": "user", "content": "hi"}]
}'Result: Successful response with chat completion
Current Workaround
Running a localhost Caddy reverse proxy that strips the Authorization header and forwards requests to Tailscale Aperture.
Proposed Solution
Allow configuration of custom models without requiring an API key, or support a special value that indicates no Authorization header should be sent.
Author: steep_45481
Channel: #shelley
Link: https://discord.com/channels/1405685085923049482/1450334528210993295/1497794686751080619
Description
Currently, Shelley always sends an HTTP Authorization header when making requests to custom model endpoints. This causes issues when connecting to endpoints that don't expect or accept this header (e.g., Tailscale Aperture), resulting in 401 errors.
The user needs the ability to configure custom models without an API key, or with a special value that prevents the Authorization header from being sent.
Problem
When connecting to https://aperture.tailscale.com, the Authorization header causes a 401 response even though:
Reproduction
With Authorization header (fails):
Result:
{"error":{"code":"authentication_error","message":"Invalid Anthropic API Key"}}Without Authorization header (works):
Result: Successful response with chat completion
Current Workaround
Running a localhost Caddy reverse proxy that strips the Authorization header and forwards requests to Tailscale Aperture.
Proposed Solution
Allow configuration of custom models without requiring an API key, or support a special value that indicates no Authorization header should be sent.