How to successfully use both "Proxy-Authorization" and "Authorization" when accessing API behind GCP IAP

I am trying to access a secured API behind Google Cloud Platform’s IAP. The API itself requires a JWT bearer token in the ‘Authorization’ header. In such a case, IAP also requires for the appropriate Google-issued token to be in the ‘Proxy-Authorization’ header.

This works using curl, but I have not been successful in configuring postman to do the same. It seems that in any case the IAP receives the ‘Authorization’ header first and rejects the inappropriate token.

The following curl command is successful when the appropriate credentials are provided:

curl -X POST 'https://<endpoint>' \
--header 'Proxy-Authorization: Bearer  <Google_Auth_Token>' \
--header 'Authorization: Bearer <API_Token>' \
--header 'Content-Type: application/json' \
--data-raw '<Query_JSON>'

However, none of the below seems to work in postman unless there is some mistake I am not aware of.

  1. With Type set to No Auth in the Authorization tab, add the appropriate Proxy-Authorization and Authorization (in that order) keys & values in the headers tab.
    A. Using only Proxy-Authorization results in “Invalid IAP credentials: empty token”
    B. Using the appropriate IAP token in the Authorization header gets past IAP but is then of course rejected by the API.
  2. Combining one bearer token in the Authorization tab and another as a header in the header tab.
    A. Invalid token error when using the IAP token in the Proxy-Authorization header
    B. Get past IAP if using the appropriate token as the bearer token in the Authorization tab