Problem
Several enterprise LLM gateways sit behind Azure API Management (APIM) or similar reverse-proxy layers that require a custom auth header instead of (or in addition to) the standard Authorization: Bearer <key> scheme — e.g. Azure APIM's well-known Ocp-Apim-Subscription-Key header. In these setups the actual OpenAI-style api_key field is often just a placeholder/dummy value, and the real credential must be sent via a separate header.
Today, OPENWIKI_PROVIDER=openai-compatible only accepts OPENAI_COMPATIBLE_API_KEY + OPENAI_COMPATIBLE_BASE_URL, which get passed straight into LangChain's ChatOpenAI({ apiKey, configuration: { baseURL } }) with no way to inject additional headers. This makes it impossible to point OpenWiki at any gateway that authenticates via a custom header rather than a bearer token — even though the endpoint itself is otherwise fully OpenAI-API-compatible.
Proposed solution
Add an optional env var, e.g. OPENAI_COMPATIBLE_EXTRA_HEADERS (JSON object, or repeated Header-Name=value pairs), that gets merged into configuration.defaultHeaders when constructing the ChatOpenAI client for the openai-compatible provider. This is a small, additive change — LangChain's ChatOpenAI/underlying openai SDK already supports defaultHeaders in its client configuration, so this would just be plumbing an existing capability through OpenWiki's provider config.
Example use case
export OPENAI_COMPATIBLE_BASE_URL="https://my-internal-gateway.example.com/openai"
export OPENAI_COMPATIBLE_API_KEY="placeholder" # gateway ignores this
export OPENAI_COMPATIBLE_EXTRA_HEADERS='{"My-Gateway-Subscription-Key": "<real-key>"}'
openwiki personal
Happy to open a PR for this if the maintainers are open to the approach — wanted to check direction first since it touches the provider-construction code path in src/agent/index.ts.
Problem
Several enterprise LLM gateways sit behind Azure API Management (APIM) or similar reverse-proxy layers that require a custom auth header instead of (or in addition to) the standard
Authorization: Bearer <key>scheme — e.g. Azure APIM's well-knownOcp-Apim-Subscription-Keyheader. In these setups the actual OpenAI-styleapi_keyfield is often just a placeholder/dummy value, and the real credential must be sent via a separate header.Today,
OPENWIKI_PROVIDER=openai-compatibleonly acceptsOPENAI_COMPATIBLE_API_KEY+OPENAI_COMPATIBLE_BASE_URL, which get passed straight into LangChain'sChatOpenAI({ apiKey, configuration: { baseURL } })with no way to inject additional headers. This makes it impossible to point OpenWiki at any gateway that authenticates via a custom header rather than a bearer token — even though the endpoint itself is otherwise fully OpenAI-API-compatible.Proposed solution
Add an optional env var, e.g.
OPENAI_COMPATIBLE_EXTRA_HEADERS(JSON object, or repeatedHeader-Name=valuepairs), that gets merged intoconfiguration.defaultHeaderswhen constructing theChatOpenAIclient for theopenai-compatibleprovider. This is a small, additive change — LangChain'sChatOpenAI/underlyingopenaiSDK already supportsdefaultHeadersin its client configuration, so this would just be plumbing an existing capability through OpenWiki's provider config.Example use case
Happy to open a PR for this if the maintainers are open to the approach — wanted to check direction first since it touches the provider-construction code path in
src/agent/index.ts.