diff --git a/reference/config_files/source_credentials.rst b/reference/config_files/source_credentials.rst
index 94c5cfbf479..fe72acf1efe 100644
--- a/reference/config_files/source_credentials.rst
+++ b/reference/config_files/source_credentials.rst
@@ -72,12 +72,26 @@ level:
     {
         "credentials": [
             {
-                "url": "https://server/that/need/credentials", 
+                "url": "https://server/that/need/credentials",
                 "token": "{{mytk}}"
             }
         ]
     }
 
+In some special cases, the server might need some specific custom headers. You can also specify them using a ``headers`` dictionary.
+
+.. code-block:: json
+
+    {
+        "credentials": [
+            {
+                "url": "https://server/that/need/credentials", 
+                "token": "mytoken",
+                "headers": {"my-header-1": "my-value-1", "my-header-2": "my-value-2"}
+            }
+        ]
+    }
+
 .. note::
 
     **Best practices**
diff --git a/reference/extensions/authorization_plugins.rst b/reference/extensions/authorization_plugins.rst
index e038366dad6..073972ba6b3 100644
--- a/reference/extensions/authorization_plugins.rst
+++ b/reference/extensions/authorization_plugins.rst
@@ -59,6 +59,15 @@ Here we can see an example of a plugin implementation.
         elif url.startswith("https://my-private-token-sources.my-org/"):
             return {'token': 'my-secure-token'}
 
+Additionally, returning a ``headers`` dictionary will add the contents as HTTP headers for the sources request,
+as some servers might need some specific custom headers:
+
+.. code-block:: python
+
+    def auth_source_plugin(url, **kwargs):
+        if url.startswith("https://my-private-token-sources-with-headers.my-org/"):
+            return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}}
+
 
 .. note::