diff --git a/source/extensions/filters/http/gcp_authn/gcp_authn_filter.cc b/source/extensions/filters/http/gcp_authn/gcp_authn_filter.cc
index 6c5adbad6d966..8276350ce2753 100644
--- a/source/extensions/filters/http/gcp_authn/gcp_authn_filter.cc
+++ b/source/extensions/filters/http/gcp_authn/gcp_authn_filter.cc
@@ -15,7 +15,7 @@ namespace GcpAuthn {
 namespace {
 void addTokenToRequest(Http::RequestHeaderMap& hdrs, absl::string_view token_str) {
   std::string id_token = absl::StrCat("Bearer ", token_str);
-  hdrs.addCopy(authorizationHeaderKey(), id_token);
+  hdrs.setCopy(authorizationHeaderKey(), id_token);
 }
 } // namespace
 
diff --git a/test/extensions/filters/http/gcp_authn/gcp_authn_filter_integration_test.cc b/test/extensions/filters/http/gcp_authn/gcp_authn_filter_integration_test.cc
index c871931f7986d..551e6ed82fbe2 100644
--- a/test/extensions/filters/http/gcp_authn/gcp_authn_filter_integration_test.cc
+++ b/test/extensions/filters/http/gcp_authn/gcp_authn_filter_integration_test.cc
@@ -89,8 +89,14 @@ class GcpAuthnFilterIntegrationTest : public testing::TestWithParam<Network::Add
               {":method", "POST"}, {":path", "/"}, {":scheme", "http"}, {":authority", "host"}},
           "test");
     } else {
-      response_ = codec_client_->makeHeaderOnlyRequest(Http::TestRequestHeaderMapImpl{
-          {":method", "GET"}, {":path", "/"}, {":scheme", "http"}, {":authority", "host"}});
+      response_ = codec_client_->makeHeaderOnlyRequest(
+          Http::TestRequestHeaderMapImpl{{":method", "GET"},
+                                         {":path", "/"},
+                                         {":scheme", "http"},
+                                         {":authority", "host"},
+                                         // Add a pair with `Authorization` as the key for
+                                         // verification of header map overridden behavior.
+                                         {"Authorization", "test"}});
     }
   }
 
@@ -145,8 +151,12 @@ class GcpAuthnFilterIntegrationTest : public testing::TestWithParam<Network::Add
       ASSERT_FALSE(upstream_request_->headers().get(authorizationHeaderKey()).empty());
       // The expected ID token is in format of `Bearer ID_TOKEN`
       std::string id_token = absl::StrCat("Bearer ", MockTokenString);
-      // Verify the request header modification: the token returned from authentication server
-      // has been added to the request header that is sent to destination upstream.
+      // Verify the request header modification:
+      // 1) Only one entry with authorization header key. i.e., Any existing values should be
+      // overridden by response from authentication server.
+      EXPECT_EQ(upstream_request_->headers().get(authorizationHeaderKey()).size(), 1);
+      // 2) the token returned from authentication server has been added to the request header that
+      // is sent to destination upstream.
       EXPECT_EQ(
           upstream_request_->headers().get(authorizationHeaderKey())[0]->value().getStringView(),
           id_token);