[FEATURE] Support for Strict Enterprise APIM Gateways (Custom Paths, Payload Injection, SSE Fallbacks)

Resolved 💬 2 comments Opened May 28, 2026 by SamuelMarks Closed Jun 28, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Working workaround (proxy) https://github.com/SamuelMarks/claude-apim-proxy ; can CC0 license it for you just ask.

We are currently deploying Claude Code in an enterprise environment (Stanford University) that routes Anthropic Bedrock traffic through a strict API Management (APIM) gateway.

While the recent addition of CLAUDE_CODE_USE_BEDROCK=1 and ANTHROPIC_CUSTOM_HEADERS is a massive step forward, Claude Code still cannot natively connect to our APIM gateway. We are currently forced to run a local proxy middleware to rewrite Claude Code's outgoing requests.

Specific issues with strict enterprise gateways include:

  1. Advanced Gateway Routing / Exact Endpoints: ANTHROPIC_BASE_URL unconditionally appends /v1/messages. Many enterprise gateways route to specific base paths (e.g., /awssig4claude37/aswsig4claude37) and will return a 404 if /v1/messages is appended.
  2. Custom JSON Payload Injection: Our gateway requires custom top-level keys to be present in the JSON body (e.g., prompt_text: "proxy bypass") for auditing and routing purposes.
  3. Graceful Non-Streaming Fallback: Some enterprise security gateways aggressively block chunked streaming responses (stream: true). When this happens, Claude Code crashes or hangs.
  4. Strict Bedrock Payload Sanitization: Bedrock via strict APIM gateways will violently reject payloads with a 400 Bad Request if they do not perfectly adhere to Bedrock's strict, undocumented schema limits.

Proposed Solution

We propose a set of features that would allow Claude Code to natively support strict enterprise API gateways:

  1. Exact Endpoints Variable: Provide an environment variable like ANTHROPIC_EXACT_ENDPOINT="https://apim.corp.com/specific/path". If set, the HTTP client uses this exact URL without appending any standard paths. (Alternatively, ANTHROPIC_OMIT_PATH=1).
  2. Payload Injection Variable: Introduce a new environment variable: ANTHROPIC_CUSTOM_PAYLOAD_INJECT='{"prompt_text": "proxy bypass"}'. The network client would deeply merge this object into the root of the outgoing Anthropic API payload before it is sent.
  3. Internal SSE Faking / Disable Streaming: If a streaming request fails (e.g., due to specific HTTP error codes or timeouts related to chunked encoding), Claude Code should gracefully fall back to a blocking (non-streaming) request. Once the full response is received, the internal client can simulate the SSE events so the UI stream processor doesn't need to be rewritten. Add a toggle like CLAUDE_CODE_DISABLE_STREAMING=1 to force this behavior immediately.
  4. Built-in Bedrock Sanitization: When CLAUDE_CODE_USE_BEDROCK=1 is set, apply a pre-flight payload sanitizer:
  • Ensure a maximum of 4 cache_control blocks per request (stripping older ones).
  • Enforce that tool_use blocks are strictly at the end of the assistant's content array.
  • Enforce that tool_result blocks are strictly at the beginning of the user's content array.
  • Strip empty thinking blocks from assistant messages, as these cause immediate gateway rejections.

Alternative Solutions

  • Local Proxy Middleware: We are currently forced to run a local proxy middleware to rewrite Claude Code's outgoing requests. This adds complexity and friction to enterprise onboarding, as users have to install and run background services.
  • Network/Gateway Adjustments: Modifying the strict APIM gateways to accept standard requests is generally not possible in strict enterprise environments like Stanford without extensive architectural exceptions.

Priority

Critical - Blocking my work

Feature Category

CLI commands and flags

Use Case Example

An enterprise user wants to connect to Bedrock through their strict APIM gateway. They can set the following environment variables:

export CLAUDE_CODE_USE_BEDROCK=1
export ANTHROPIC_EXACT_ENDPOINT="https://apim.corp.com/awssig4claude37/aswsig4claude37"
export ANTHROPIC_CUSTOM_PAYLOAD_INJECT='{"prompt_text": "proxy bypass"}'
export CLAUDE_CODE_DISABLE_STREAMING=1

claude

With these set, Claude Code can natively bypass proxy restrictions, successfully route without /v1/messages being appended, inject required audit keys, and fallback to non-streaming requests, providing a seamless user experience.

Additional Context

Enterprise adoption of Claude Code is heavily bottlenecked by complex corporate networking setups (Zscaler, custom APIMs, VPN routing conflicts). Allowing Claude Code to dynamically adjust its network footprint without requiring users to build and run local Python proxies would significantly ease enterprise onboarding.

Reference Implementation: For context, the code in https://github.com/SamuelMarks/claude-apim-proxy serves as our current local proxy middleware. It implements the exact workarounds described above (payload sanitization, SSE faking, custom payload injection, and path overriding) and can be used as a reference implementation to learn from when natively integrating these features into Claude Code.

Thank you for considering these additions!

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗