Fix: support claude code auth via subscription (anthropic) #14821
2 commits merged into BerriAI:main from
There are 3 failed tests, but they are not related to this tiny fix

Could you share a tutorial for how you're running a claude code max subscription through litellm? I think others would find this helpful as well @hazyone

@hazyone I needed to revert this, happy to help add it back in once the test is fixed. Please make sure this passes https://app.circleci.com/pipelines/github/BerriAI/litellm/43730/workflows/7dc22f65-f5dc-4192-b381-7d2b2f0e1f5e/jobs/707229/tests#failed-test-0

Hey @hazyone and litellm team, do you plan to work on this again since it got reverted?
- Only inject x-api-key header when client doesn't provide authorization or x-api-key
- Enables Claude Code OAuth flow while maintaining API key fallback
- Based on reverted PR BerriAI#14821 (commit 96aed6a)

Implements OAuth pass-through for Anthropic proxy endpoint, allowing Claude Code subscription users to authenticate via OAuth tokens without requiring an API key.

Changes:
- Modified anthropic_proxy_route to conditionally inject x-api-key header
- Only injects x-api-key when BOTH Authorization and x-api-key headers are missing
- Maintains backward compatibility with API key authentication
- Enables OAuth tokens (sk-ant-oat01-*) to pass through untouched

Testing:
- Added comprehensive unit tests covering all authentication scenarios:
  * OAuth token priority (Authorization header)
  * Client API key priority (x-api-key header)
  * Server API key fallback
  * No authentication scenarios
  * Multiple auth headers present
  * Case-insensitive header checking
- All tests use mocks (no real API calls)

Implementation aligns with previously approved PR BerriAI#14821 logic.

Fixes BerriAI#13380
Supersedes BerriAI#14821

Client-provided credentials now take precedence over server credentials in the /anthropic/ passthrough endpoint.

This enables mixed mode where:
1. Client sends x-api-key → forwarded as-is (user pays via own API key)
2. Client sends Authorization → forwarded as-is (user pays via OAuth/Max)
3. No client credentials + server ANTHROPIC_API_KEY → server key used
4. No client credentials + no server key → no credentials forwarded

Previously the server always sent x-api-key (even literal "None" when unconfigured), overwriting any client-provided credentials and breaking Claude Code Max (OAuth) and BYOK scenarios.

Supersedes the simpler one-liner from d742c76 on v1.81.12-stable-patched. Based on the approach from PR BerriAI#20429 (closed) and reverted PR BerriAI#14821.
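
The four precedence cases listed in the commit message above, written out as an added Python example. It is not LiteLLM's code: the function name, the source labels and the sample credentials are constructed for illustration, and treating an empty header value as absent is an assumption of this example.

```python
from typing import Mapping, Optional

AUTH_HEADERS = ("authorization", "x-api-key")


def select_upstream_credentials(
    client_headers: Mapping[str, str], server_api_key: Optional[str]
) -> tuple[dict[str, str], str]:
    """Return (auth headers to forward upstream, credential source label)."""
    # Header names are case-insensitive, so compare on the lowercased name.
    # Assumption of this example: an empty header value counts as absent.
    supplied = {
        name.lower(): value
        for name, value in client_headers.items()
        if name.lower() in AUTH_HEADERS and value.strip()
    }
    if supplied:
        # Cases 1 and 2: client credentials go through untouched and the
        # server key is never sent alongside them.
        return supplied, "client"
    if server_api_key and server_api_key != "None":
        # Case 3: no client credentials, so fall back to the server key.
        return {"x-api-key": server_api_key}, "server"
    # Case 4: nothing configured. Forward no credential at all instead of
    # the stringified "None" the commit message describes.
    return {}, "none"


if __name__ == "__main__":
    server_key = "sk-server-CONSTRUCTED"  # constructed sample value
    samples = [  # constructed sample requests, one per case
        ({"X-Api-Key": "sk-client-CONSTRUCTED"}, server_key),
        ({"Authorization": "Bearer sk-ant-oat01-CONSTRUCTED"}, server_key),
        ({"Content-Type": "application/json"}, server_key),
        ({"Content-Type": "application/json"}, None),
    ]
    for headers, key in samples:
        forwarded, source = select_upstream_credentials(headers, key)
        # Log header names and the source only, never the secret values.
        print(sorted(forwarded), source)
```

The source label gives metrics and audit logs a way to record whose credential paid for a request without writing the credential itself.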

Support claude code auth via subscription
There is a problem: when you have a Max Claude Code subscription and want to collect metrics for it, overriding the base URL to http://localhost:4000/anthropic, you get 401 errors because of the x-api-key header.
Relevant issues
"Fixes #13380"
Pre-Submission checklist
Please complete all items before asking a LiteLLM maintainer to review your PR
- tests/litellm/ directory, Adding at least 1 test is a hard requirement - see details
- make test-unit

Type
🐛 Bug Fix
Changes
We now replace the x-api-key header only if two conditions are met simultaneously: