diff --git a/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/dstu3/CdsHooksServlet.java b/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/dstu3/CdsHooksServlet.java
index 955db6c94..1b38fa704 100644
--- a/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/dstu3/CdsHooksServlet.java
+++ b/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/dstu3/CdsHooksServlet.java
@@ -154,8 +154,8 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 				useServerData = new BooleanType(false);
 				remoteDataEndpoint = new Endpoint().setAddress(cdsHooksRequest.fhirServer);
 				if (cdsHooksRequest.fhirAuthorization != null) {
-					remoteDataEndpoint.addHeader(cdsHooksRequest.fhirAuthorization.tokenType
-						+ ": " + cdsHooksRequest.fhirAuthorization.accessToken);
+					remoteDataEndpoint.addHeader(String.format("Authorization: %s %s",
+						cdsHooksRequest.fhirAuthorization.tokenType, cdsHooksRequest.fhirAuthorization.accessToken));
 					if (cdsHooksRequest.fhirAuthorization.subject != null) {
 						remoteDataEndpoint.addHeader(this.getProviderConfiguration().getClientIdHeaderName()
 							+ ": " + cdsHooksRequest.fhirAuthorization.subject);
diff --git a/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/r4/CdsHooksServlet.java b/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/r4/CdsHooksServlet.java
index f10dd1e7a..f15df7ec4 100644
--- a/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/r4/CdsHooksServlet.java
+++ b/plugin/cds-hooks/src/main/java/org/opencds/cqf/ruler/cdshooks/r4/CdsHooksServlet.java
@@ -158,8 +158,8 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 				useServerData = new BooleanType(false);
 				remoteDataEndpoint = new Endpoint().setAddress(cdsHooksRequest.fhirServer);
 				if (cdsHooksRequest.fhirAuthorization != null) {
-					remoteDataEndpoint.addHeader(cdsHooksRequest.fhirAuthorization.tokenType
-						+ ": " + cdsHooksRequest.fhirAuthorization.accessToken);
+					remoteDataEndpoint.addHeader(String.format("Authorization: %s %s",
+						cdsHooksRequest.fhirAuthorization.tokenType, cdsHooksRequest.fhirAuthorization.accessToken));
 					if (cdsHooksRequest.fhirAuthorization.subject != null) {
 						remoteDataEndpoint.addHeader(this.getProviderConfiguration().getClientIdHeaderName()
 							+ ": " + cdsHooksRequest.fhirAuthorization.subject);