diff --git a/README.md b/README.md
index c68e454..149c277 100644
--- a/README.md
+++ b/README.md
@@ -11,13 +11,13 @@ alvacoder/defectdojo-upload@v1.0.0
 ## Inputs
-NB: The defectdojo_username and defectdojo_password should be passed if you are using basic authentication, and if you are using API key authentication, then you should pass in the defectdojo_api_key.
+NB: The defectdojo_username and defectdojo_password should be passed if you are using basic authentication, and if you are using API key authentication, then you should pass in the defectdojo_api_key. Ensure to add defectdojo_iap_token, only if defectdojo was deployed behind an IAP (Identity Aware Proxy)
 | Input Name | Required |
 | ---------------------------- | -------- |
 | defectdojo_username | False |
 | defectdojo_password | False |
-| defectdojo_service_account | False |
+| defectdojo_iap_token | False |
 | defectdojo_api_key | False |
 | defectdojo_url | True |
 | defectdojo_product_type | True |
diff --git a/action.yml b/action.yml
index daed579..84e4a44 100644
--- a/action.yml
+++ b/action.yml
@@ -17,6 +17,9 @@ inputs:
 defectdojo_api_key:
 description: the API key to authenticate with your defectdojo instance if using API key authentication
 required: false
+ defectdojo_iap_token:
+ description: Only required if defectdojo is behind an IAP
+ required: false
 defectdojo_product_type:
 description: the defectdojo product type that the scan result relates to
 required: true
@@ -50,6 +53,7 @@ runs:
 image: 'Dockerfile'
 env:
 DEFECTDOJO_API_KEY: ${{ inputs.defectdojo_api_key }}
+ DEFECTDOJO_IAP_TOKEN: ${{ inputs.defectdojo_iap_token }}
 DEFECTDOJO_USERNAME: ${{ inputs.defectdojo_username }}
 DEFECTDOJO_PASSWORD: ${{ inputs.defectdojo_password }}
 DEFECTDOJO_SERVICE_ACCOUNT: ${{ inputs.defectdojo_service_account }}
diff --git a/defectdojo.py b/defectdojo.py
index 22dece4..a47596b 100644
--- a/defectdojo.py
+++ b/defectdojo.py
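Review bot: The description of the new `defectdojo_iap_token` input in action.yml does not say that the value is a credential, so nothing steers users towards supplying it from an encrypted secret instead of a literal in the workflow file. I would write `description: Bearer token for the Identity-Aware Proxy in front of DefectDojo; pass it from a repository secret. Only needed when DefectDojo is behind an IAP`. The "bearer token" wording follows from the defectdojo.py change in this commit, which sends the value as a `Proxy-Authorization: Bearer` header.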
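Review bot: In the `env:` block of action.yml the context line `DEFECTDOJO_SERVICE_ACCOUNT: ${{ inputs.defectdojo_service_account }}` is left in place, although this commit removes `defectdojo_service_account` from the README's input table and defectdojo.py stops reading that variable. If the input is being retired, this mapping should be deleted together with its declaration under `inputs:`; that declaration lies outside the hunks shown, so whether it still exists cannot be confirmed from here. If it is meant to stay, the README row should not have been dropped.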
@@ -19,7 +19,7 @@ def __init__(self):
 self.defectdojo_api_key = get_env_var("DEFECTDOJO_API_KEY")
 self.defectdojo_username = get_env_var("DEFECTDOJO_USERNAME")
 self.defectdojo_password = get_env_var("DEFECTDOJO_PASSWORD")
- self.defectdojo_service_account = get_env_var("DEFECTDOJO_SERVICE_ACCOUNT")
+ self.defectdojo_iap_token = get_env_var("DEFECTDOJO_IAP_TOKEN")
 # Required Defectdojo Variables.
 self.defectdojo_url = get_env_var("DEFECTDOJO_URL")
@@ -38,7 +38,10 @@ def import_scan_results_to_defectdojo(
 ) -> int:
 api_endpoint = f"{self.defectdojo_url}/api/v2/import-scan/"
- headers = {"Authorization": f"Token {self.defectdojo_api_key}"}
+ headers = {
+ "Authorization": f"Token {self.defectdojo_api_key}"
+ "Proxy-Authorization": f"Bearer {self.defectdojo_iap_token}"
+ }
 data = {
 "product_type_name": self.defectdojo_product_type,
 "product_name": self.defectdojo_product,
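Review bot: The new `headers` literal in import_scan_results_to_defectdojo has no comma after the `"Authorization"` entry, so Python joins that f-string with the adjacent `"Proxy-Authorization"` literal and then fails on the second `:` with a SyntaxError, which means the module cannot be imported at all. Beyond the comma, the proxy header is sent on every request even though the input is optional; depending on what get_env_var returns for an unset variable (not visible here) that would put `Bearer None` or an empty bearer value on the wire. I would keep the one-line dict and add the proxy header only when a token is configured: `headers = {"Authorization": f"Token {self.defectdojo_api_key}"}`, `if self.defectdojo_iap_token:`, `headers["Proxy-Authorization"] = f"Bearer {self.defectdojo_iap_token}"`. The function body continues outside the hunk.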