diff --git a/go.mod b/go.mod
index 09860acfcb..6391f8a395 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 github.com/casbin/xorm-adapter v1.0.1-0.20190716004226-a317737a1007
 github.com/coreos/go-oidc v2.2.1+incompatible
 github.com/davecgh/go-spew v1.1.1
- github.com/devtron-labs/authenticator v0.4.31-0.20221115125816-95ec958147f5
+ github.com/devtron-labs/authenticator v0.4.31-0.20221207125629-4f57f862a1b1
 github.com/devtron-labs/common-lib v0.0.0-20220923064712-362252bd41d9
 github.com/evanphx/json-patch v5.6.0+incompatible
 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
diff --git a/go.sum b/go.sum
index 0d61e4c821..7030a27061 100644
--- a/go.sum
+++ b/go.sum
@@ -301,6 +301,8 @@ github.com/devtron-labs/authenticator v0.4.31-0.20220913121257-aecda79359cc h1:n
 github.com/devtron-labs/authenticator v0.4.31-0.20220913121257-aecda79359cc/go.mod h1:ozNfT8WcruiSgnUbyp48WVfc41++W6xYXhKFp67lNTU=
 github.com/devtron-labs/authenticator v0.4.31-0.20221115125816-95ec958147f5 h1:nxBtmA6B2XySLY+eol+Lq4vWxO6w/d4Xj48LCGmlaLM=
 github.com/devtron-labs/authenticator v0.4.31-0.20221115125816-95ec958147f5/go.mod h1:ozNfT8WcruiSgnUbyp48WVfc41++W6xYXhKFp67lNTU=
+github.com/devtron-labs/authenticator v0.4.31-0.20221207125629-4f57f862a1b1 h1:JiROghvhkfMASlpYh+WRN1VzKyIoigwYOiAeVeNCiSg=
+github.com/devtron-labs/authenticator v0.4.31-0.20221207125629-4f57f862a1b1/go.mod h1:ozNfT8WcruiSgnUbyp48WVfc41++W6xYXhKFp67lNTU=
 github.com/devtron-labs/common-lib v0.0.0-20220923064712-362252bd41d9 h1:Jd2zGbMPy5zPALO6+dVrTr8Cn99nIUIxlLYZDehIKlE=
 github.com/devtron-labs/common-lib v0.0.0-20220923064712-362252bd41d9/go.mod h1:wDldcLG0CzfnxCBEXeitEkYF9bk62yG+HLGqQg6VZ4o=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
diff --git a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go
index dff591e8ce..0b33a1e0b5 100644
--- a/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go
+++ b/vendor/github.com/devtron-labs/authenticator/middleware/AuthMiddleware.go
@@ -25,25 +25,27 @@ import (
 "strings"
 )
 
+const ApiTokenHeaderKey = "api-token"
+const tokenHeaderKey = "token"
+const argocdTokenHeaderKey = "argocd.token"
+
 // Authorizer is a middleware for authorization
 func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string) bool) func(next http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 fn := func(w http.ResponseWriter, r *http.Request) {
- isExternalCiWebhook := false
- if strings.Contains(r.URL.Path, "/orchestrator/webhook/ext-ci/") {
- isExternalCiWebhook = true
- }
 token := ""
- if isExternalCiWebhook {
- token = r.Header.Get("api-token")
+ apiToken := r.Header.Get(ApiTokenHeaderKey)
+ if len(apiToken) > 0 {
+ // for external ci webhook request, will be authorize by api-token
+ token = apiToken
 } else {
- cookie, _ := r.Cookie("argocd.token")
+ cookie, _ := r.Cookie(argocdTokenHeaderKey)
 if cookie != nil {
 token = cookie.Value
- r.Header.Set("token", token)
+ r.Header.Set(tokenHeaderKey, token)
 }
 if token == "" && cookie == nil {
- token = r.Header.Get("token")
+ token = r.Header.Get(tokenHeaderKey)
 }
 }
 //users = append(users, "anonymous")
@@ -56,8 +58,8 @@ func Authorizer(sessionManager *SessionManager, whitelistChecker func(url string
 _, err := sessionManager.VerifyToken(token)
 if err != nil {
 log.Printf("Error verifying token: %+v\n", err)
- if !isExternalCiWebhook {
- http.SetCookie(w, &http.Cookie{Name: "argocd.token", Value: token, Path: "/", MaxAge: -1})
+ if len(apiToken) == 0 {
+ http.SetCookie(w, &http.Cookie{Name: argocdTokenHeaderKey, Value: token, Path: "/", MaxAge: -1})
 }
 writeResponse(http.StatusUnauthorized, "Unauthorized", w, err)
 return
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 0093838880..b5a0224227 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
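Review bot: In `Authorizer` (vendored `middleware/AuthMiddleware.go`, first hunk), the `if len(apiToken) > 0` branch now takes the credential from the `api-token` header with no path condition, whereas the removed code read that header only for paths containing `/orchestrator/webhook/ext-ci/`; the added comment still describes it as the external CI webhook case. In that branch a `token` header sent with the same request stays on `r` without being verified or overwritten, so any later handler that reads identity from that header (not visible here) would be trusting a value the middleware never checked. Consider adding `r.Header.Set(tokenHeaderKey, token)` after `token = apiToken`, as the cookie branch does, and rewording the comment to say that `api-token` takes precedence on all routes. The same condition gates the cookie reset in the second hunk (`if len(apiToken) == 0`); the function body continues outside both hunks, and since the file is vendored the change belongs upstream in the authenticator module.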
@@ -320,7 +320,7 @@ github.com/cyphar/filepath-securejoin
 # github.com/davecgh/go-spew v1.1.1
 ## explicit
 github.com/davecgh/go-spew/spew
-# github.com/devtron-labs/authenticator v0.4.31-0.20221115125816-95ec958147f5
+# github.com/devtron-labs/authenticator v0.4.31-0.20221207125629-4f57f862a1b1
 ## explicit; go 1.16
 github.com/devtron-labs/authenticator/apiToken
 github.com/devtron-labs/authenticator/client