fix(bedrock): Filter anthropic-beta header for Bedrock passthrough

[brian-lai]

Summary

• Filters out anthropic-beta header from requests before forwarding to AWS Bedrock
• Prevents "invalid beta flag" errors when using Claude Code or other clients that send Anthropic beta headers through LiteLLM proxy to Bedrock

Problem

When using Claude Code with LiteLLM as a proxy to AWS Bedrock, requests fail with:

{"message":"invalid beta flag"}

This happens because Claude Code sends anthropic-beta: oauth-2025-04-20 (or other beta values) headers, which AWS Bedrock doesn't recognize or support.

Solution

Filter the anthropic-beta header (case-insensitively) in BedrockPassthroughConfig.sign_request() before the request is signed and forwarded to Bedrock.

Key points:

• Filtering happens before AWS SigV4 signing (critical for signature validity)
• Case-insensitive matching handles Anthropic-Beta, ANTHROPIC-BETA, etc.
• Other headers like anthropic-version are preserved

Test plan

• Unit tests added covering:
  • Basic header filtering
  • Case-insensitive filtering
  • Multiple beta value types
  • Preservation of other headers
  • Edge cases (empty headers, only-beta-header)
• Manual testing with Claude Code + LiteLLM proxy + Bedrock

Run tests:

pytest tests/test_litellm/llms/bedrock/passthrough/test_bedrock_header_filtering.py -v

Related

• Claude Code issue: Plan mode initiates implementation without creating a GitHub Issue anthropics/claude-code#2003

🤖 Generated with Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
litellm	Ready	Preview, Comment	Feb 3, 2026 2:13am

[CLAassistant]

All committers have signed the CLA.

[hunterchris]

💣 We are having the same issues when using the claude-code action through litellm; we are running 1.81.3-nightly.

[greptile-apps]

Greptile Overview

Greptile Summary

Filters unsupported anthropic-beta header values before forwarding requests to AWS Bedrock, preventing "invalid beta flag" errors when clients like Claude Code send headers that Bedrock doesn't support.

Key Changes

• Added BEDROCK_SUPPORTED_BETAS whitelist containing 11 beta flags officially supported by AWS Bedrock
• Implemented _filter_anthropic_beta_header() method that parses comma-separated beta values and filters to only supported ones
• Filtering occurs before AWS SigV4 signing in sign_request() to maintain signature validity
• Case-insensitive header matching handles various capitalizations
• If no supported beta values remain after filtering, the header is omitted entirely

Impact

• Fixes Claude Code integration with Bedrock when MCP servers are configured (sends mcp-servers-2025-12-04)
• Fixes OAuth beta header issues (oauth-2025-04-20)
• Maintains compatibility with supported beta flags like computer-use-2024-10-22, token-efficient-tools-2025-02-19, etc.
• Consistent with the whitelist-based approach used in Invoke API (PR fix: filter unsupported beta headers for AWS Bedrock Invoke API #19877)

Test Coverage

• Comprehensive test suite with 11 test cases covering edge cases, case-insensitivity, mixed values, and header preservation
• All tests properly mock _sign_request to verify filtered headers without requiring AWS credentials

Confidence Score: 5/5

• Safe to merge - well-tested fix that prevents request failures without breaking existing functionality
• Clean implementation following existing patterns, comprehensive test coverage (11 tests), proper placement before AWS signing, consistent with Invoke API approach (PR fix: filter unsupported beta headers for AWS Bedrock Invoke API #19877), and solves a real user-facing issue
• No files require special attention

Important Files Changed

Filename	Overview
litellm/llms/bedrock/passthrough/transformation.py	Added whitelist-based filtering for anthropic-beta headers to prevent "invalid beta flag" errors from Bedrock
tests/test_litellm/llms/bedrock/passthrough/test_bedrock_header_filtering.py	Comprehensive test suite covering all filtering scenarios including edge cases and case-insensitive matching

Sequence Diagram

sequenceDiagram
    participant CC as Claude Code
    participant LP as LiteLLM Proxy
    participant BPC as BedrockPassthroughConfig
    participant AWS as AWS Bedrock
    
    CC->>LP: POST /bedrock/messages<br/>Headers: anthropic-beta: oauth-2025-04-20,mcp-servers-2025-12-04
    LP->>BPC: sign_request(headers, ...)
    BPC->>BPC: _filter_anthropic_beta_header(headers)
    Note over BPC: Parse comma-separated values<br/>Filter against BEDROCK_SUPPORTED_BETAS<br/>oauth-2025-04-20 ❌ (unsupported)<br/>mcp-servers-2025-12-04 ❌ (unsupported)<br/>Header omitted (no supported betas remain)
    BPC->>BPC: _sign_request(filtered_headers, ...)
    Note over BPC: Sign request with AWS SigV4<br/>(without anthropic-beta header)
    BPC-->>LP: Signed headers + body
    LP->>AWS: POST /model/.../invoke<br/>(No anthropic-beta header)
    AWS-->>LP: 200 OK (Success)
    LP-->>CC: 200 OK (Success)

Loading

[greptile-apps]

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[hunterchris]

The lint failure is a pre-existing issue in integrations/opentelemetry.py:1013 (mypy error about LogRecord attribute) that exists on the main branch - it's not related to this PR's changes.

Could this be merged despite the CI failure? The actual fix here is correct and tested.

[brian-lai]

@hunterchris if you're still waiting for this PR to get merged in, try https://github.com/brian-lai/anthropic-beta-stripping-proxy

you can easily set this up wherever you're running your nightly execution of claude code and have claude-code hit the local proxy instead. that will strip ALL beta headers from the request before it gets to litellm

you don't necessarily have to use the repo, but the pattern is simple and easily adaptable for any setup

[Quentin-M]

While we started by striping headers manually in Istio, we now have a much longer term solution for our company.. My PR includes a commit that centralizes and fixes definitely the header stripping issue by setting up a straightforward system that blocks beta headers by default, and then allows beta headers based on the specifics models called & its support.