# Authentication header invalid

An `Authorization` header was sent with your request, but it isn't in a valid format.

---

## Example

```json
{
  "error": {
    "type": "request_error",
    "code": "authentication_malformed",
    "detail": "Authentication header included, but incorrectly formatted.",
    "documentation_url": "https://developer.paddle.com/errors/shared/authentication_malformed"
  },
  "meta": {
    "request_id": "00000000-0000-0000-0000-000000000000"
  }
}
```

## Details

| Attribute | Value |
| --- | --- |
| Status code | 403 |
| Error code | `authentication_malformed` |
| Error message | Authentication header included, but incorrectly formatted. |

## Common causes

- You included an `Authorization` header, but the API couldn't understand it. This suggests it's in the wrong format.
- There may be a proxy between you and Paddle that's changing the `Authorization` header.

## Common solutions

- Check that you set the [`Authorization` header correctly](https://developer.paddle.com/api-reference/about/authentication) for your request.
- Make sure that any proxies in use don't change the `Authorization` header.