I’m developing an Apex callout using a continuation with the HttpRequest class. I’ve defined the Named Credential and turned off the “Generate Authorization Header” setting in the definition of the Named Credential. If I do the callout synchronously Salesforce doesn’t generate or include any Athorization header (as expected) and all is well. However if I do the callout using a Continuation Salesforce ignores this setting and still sends an Authorizarion header. This is causing 401 errors on my endpoint, I set the auth in a custom header, which is why I don’t want salesforce to generate that header. 

Has anyone faced or overcome this, or know why salesforce is ignoring this setting?