In the endpoint designer, you can add a static global header to all requests to the upstream.
You should also be able to take info from the session metadata which will enable the authorization header to upstream to be different dependent on the client //tyk.io/docs/getting-started/key-concepts/what-is-a-session-object/ for example: $tyk_meta.METADATA_KEY
You could also grab information from the request context: //tyk.io/docs/context-variables/
hope this helps
