Embedded Outpost (proxy) does not generate Basic Authorization header in Forward Auth (single application) since version 25.10.0

[adrianmusante]

Describe the bug

Since version 25.10.0, the authentik Embedded Outpost (type: proxy) stopped generating the Authorization: Basic ... header when the Send HTTP-Basic Authentication option is enabled and using Forward Auth (single application) mode. As a result, the application behind the proxy displays the basic authentication form.
It worked correctly in previous versions.

To Reproduce
Steps to reproduce the behavior:

1. Create a Proxy Provider
2. Click on Forward auth (single application)
3. Set External Host
4. Scroll to Authentication Settings
   4.1. Enable Intercept header authentication
   4.2. Enable Send HTTP-Basic Authentication
   4.3. Set HTTP-Basic Username Key
   4.4. Set HTTP-Basic Password Key

Expected behavior
Before release 25.10.0, it worked correctly: after requesting authorization via redirect, the application behind the proxy does not show the basic auth form.

Screenshots
Not necessary for now.

Logs
No errors are observed in the logs that explain the cause of the bug.

Version and Deployment (please complete the following information):

• authentik version: 2025.10.0
• Deployment: docker-compose

Additional context
The application uses Nginx Proxy Manager as proxy.

[jemand771]

from how I understand things, this is a known issue and fixed by #17759

[adrianmusante]

from how I understand things, this is a known issue and fixed by #17759

Thanks for the heads up! I just tried the image ghcr.io/goauthentik/dev-server:gh-6c26141acc2452aa0d4b124236f3214cbc97e918 with the fix, and it’s working again for me. I’ll close this issue and keep an eye out for the final release with the patch.