diff --git a/pkg/apis/options/legacy_options.go b/pkg/apis/options/legacy_options.go
index e22278fa..392e1a6a 100644
--- a/pkg/apis/options/legacy_options.go
+++ b/pkg/apis/options/legacy_options.go
@@ -89,6 +89,7 @@ func (l *LegacyOptions) ToOptions() (*Options, error) {
 	l.Options.Server, l.Options.MetricsServer = l.LegacyServer.convert()
 
 	l.Options.LegacyPreferEmailToUser = l.LegacyHeaders.PreferEmailToUser
+	l.Options.AuthorizationHeaderName = l.LegacyHeaders.AuthorizationHeaderName
 
 	providers, err := l.LegacyProvider.convert()
 	if err != nil {
@@ -201,9 +202,10 @@ type LegacyHeaders struct {
 	SetXAuthRequest  bool `flag:"set-xauthrequest" cfg:"set_xauthrequest"`
 	SetAuthorization bool `flag:"set-authorization-header" cfg:"set_authorization_header"`
 
-	PreferEmailToUser    bool   `flag:"prefer-email-to-user" cfg:"prefer_email_to_user"`
-	BasicAuthPassword    string `flag:"basic-auth-password" cfg:"basic_auth_password"`
-	SkipAuthStripHeaders bool   `flag:"skip-auth-strip-headers" cfg:"skip_auth_strip_headers"`
+	PreferEmailToUser       bool   `flag:"prefer-email-to-user" cfg:"prefer_email_to_user"`
+	BasicAuthPassword       string `flag:"basic-auth-password" cfg:"basic_auth_password"`
+	AuthorizationHeaderName string `flag:"authorization-header-name" cfg:"authorization_header_name"`
+	SkipAuthStripHeaders    bool   `flag:"skip-auth-strip-headers" cfg:"skip_auth_strip_headers"`
 }
 
 func legacyHeadersFlagSet() *pflag.FlagSet {
@@ -220,6 +222,7 @@ func legacyHeadersFlagSet() *pflag.FlagSet {
 
 	flagSet.Bool("prefer-email-to-user", false, "Prefer to use the Email address as the Username when passing information to upstream. Will only use Username if Email is unavailable, eg. htaccess authentication. Used in conjunction with -pass-basic-auth and -pass-user-headers")
 	flagSet.String("basic-auth-password", "", "the password to set when passing the HTTP Basic Auth header")
+	flagSet.String("authorization-header-name", "Authorization", "name of the authorization header to use instead of Authorization")
 	flagSet.Bool("skip-auth-strip-headers", true, "strips X-Forwarded-* style authentication headers & Authorization header if they would be set by oauth2-proxy")
 
 	return flagSet
@@ -235,7 +238,7 @@ func (l *LegacyHeaders) getRequestHeaders() []Header {
 	requestHeaders := []Header{}
 
 	if l.PassBasicAuth && l.BasicAuthPassword != "" {
-		requestHeaders = append(requestHeaders, getBasicAuthHeader(l.PreferEmailToUser, l.BasicAuthPassword))
+		requestHeaders = append(requestHeaders, getBasicAuthHeader(l.PreferEmailToUser, l.BasicAuthPassword, l.AuthorizationHeaderName))
 	}
 
 	// In the old implementation, PassUserHeaders is a subset of PassBasicAuth
@@ -249,7 +252,7 @@ func (l *LegacyHeaders) getRequestHeaders() []Header {
 	}
 
 	if l.PassAuthorization {
-		requestHeaders = append(requestHeaders, getAuthorizationHeader())
+		requestHeaders = append(requestHeaders, getAuthorizationHeader(l.AuthorizationHeaderName))
 	}
 
 	for i := range requestHeaders {
@@ -270,24 +273,28 @@ func (l *LegacyHeaders) getResponseHeaders() []Header {
 	}
 
 	if l.SetBasicAuth {
-		responseHeaders = append(responseHeaders, getBasicAuthHeader(l.PreferEmailToUser, l.BasicAuthPassword))
+		responseHeaders = append(responseHeaders, getBasicAuthHeader(l.PreferEmailToUser, l.BasicAuthPassword, l.AuthorizationHeaderName))
 	}
 
 	if l.SetAuthorization {
-		responseHeaders = append(responseHeaders, getAuthorizationHeader())
+		responseHeaders = append(responseHeaders, getAuthorizationHeader(l.AuthorizationHeaderName))
 	}
 
 	return responseHeaders
 }
 
-func getBasicAuthHeader(preferEmailToUser bool, basicAuthPassword string) Header {
+func getBasicAuthHeader(preferEmailToUser bool, basicAuthPassword string, headerName string) Header {
 	claim := "user"
 	if preferEmailToUser {
 		claim = "email"
 	}
 
+	if headerName == "" {
+		headerName = "Authorization"
+	}
+
 	return Header{
-		Name: "Authorization",
+		Name: headerName,
 		Values: []HeaderValue{
 			{
 				ClaimSource: &ClaimSource{
@@ -368,9 +375,13 @@ func getPassAccessTokenHeader() Header {
 	}
 }
 
-func getAuthorizationHeader() Header {
+func getAuthorizationHeader(headerName string) Header {
+	if headerName == "" {
+		headerName = "Authorization"
+	}
+
 	return Header{
-		Name: "Authorization",
+		Name: headerName,
 		Values: []HeaderValue{
 			{
 				ClaimSource: &ClaimSource{
diff --git a/pkg/apis/options/options.go b/pkg/apis/options/options.go
index 8fa72c7c..98a59769 100644
--- a/pkg/apis/options/options.go
+++ b/pkg/apis/options/options.go
@@ -56,6 +56,7 @@ type Options struct {
 	SkipAuthRegex            []string `flag:"skip-auth-regex" cfg:"skip_auth_regex"`
 	SkipAuthRoutes           []string `flag:"skip-auth-route" cfg:"skip_auth_routes"`
 	SkipJwtBearerTokens      bool     `flag:"skip-jwt-bearer-tokens" cfg:"skip_jwt_bearer_tokens"`
+	AuthorizationHeaderName  string   `flag:"authorization-header-name" cfg:"authorization_header_name"`
 	BearerTokenLoginFallback bool     `flag:"bearer-token-login-fallback" cfg:"bearer_token_login_fallback"`
 	ExtraJwtIssuers          []string `flag:"extra-jwt-issuers" cfg:"extra_jwt_issuers"`
 	SkipProviderButton       bool     `flag:"skip-provider-button" cfg:"skip_provider_button"`