diff --git a/middleware.go b/middleware.go
index 895bca5b..d6bb2de8 100644
--- a/middleware.go
+++ b/middleware.go
@@ -284,7 +284,7 @@ func addCredentials(c *Client, r *Request) error {
 	// Build the token Auth header
 	if !isStringEmpty(r.AuthToken) {
 		credentialsAdded = true
-		r.RawRequest.Header.Set(r.HeaderAuthorizationKey, r.AuthScheme+" "+r.AuthToken)
+		r.RawRequest.Header.Set(r.HeaderAuthorizationKey, strings.TrimSpace(r.AuthScheme+" "+r.AuthToken))
 	}
 
 	if !c.IsDisableWarn() && credentialsAdded {
diff --git a/request_test.go b/request_test.go
index 2c081c9d..7320d25b 100644
--- a/request_test.go
+++ b/request_test.go
@@ -671,13 +671,30 @@ func TestRequestAuthScheme(t *testing.T) {
 		SetAuthScheme("OAuth").
 		SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF")
 
-	resp, err := c.R().
-		SetAuthScheme("Bearer").
-		SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
-		Get(ts.URL + "/profile")
+	t.Run("override auth scheme", func(t *testing.T) {
+		resp, err := c.R().
+			SetAuthScheme("Bearer").
+			SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
+			Get(ts.URL + "/profile")
 
-	assertError(t, err)
-	assertEqual(t, http.StatusOK, resp.StatusCode())
+		assertError(t, err)
+		assertEqual(t, http.StatusOK, resp.StatusCode())
+	})
+
+	t.Run("empty auth scheme GH954", func(t *testing.T) {
+		tokenValue := "004DDB79-6801-4587-B976-F093E6AC44FF"
+
+		// set client level
+		c.SetAuthScheme("").
+			SetAuthToken(tokenValue)
+
+		resp, err := c.R().
+			Get(ts.URL + "/profile")
+
+		assertError(t, err)
+		assertEqual(t, http.StatusOK, resp.StatusCode())
+		assertEqual(t, tokenValue, resp.Request.Header.Get(hdrAuthorizationKey))
+	})
 }
 
 func TestFormData(t *testing.T) {
diff --git a/resty_test.go b/resty_test.go
index deb4aea7..c17e0230 100644
--- a/resty_test.go
+++ b/resty_test.go
@@ -537,7 +537,7 @@ func createAuthServerTLSOptional(t *testing.T, useTLS bool) *httptest.Server {
 
 				w.Header().Set(hdrContentTypeKey, "application/json; charset=utf-8")
 
-				if !strings.HasPrefix(auth, "Bearer ") {
+				if strings.HasPrefix(auth, "Basic ") {
 					w.Header().Set("Www-Authenticate", "Protected Realm")
 					w.WriteHeader(http.StatusUnauthorized)
 					_, _ = w.Write([]byte(`{ "id": "unauthorized", "message": "Invalid credentials" }`))
@@ -545,7 +545,7 @@ func createAuthServerTLSOptional(t *testing.T, useTLS bool) *httptest.Server {
 					return
 				}
 
-				if auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF" || auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF-Request" {
+				if strings.Contains(auth, "004DDB79-6801-4587-B976-F093E6AC44FF") {
 					_, _ = w.Write([]byte(`{ "id": "success", "message": "login successful" }`))
 				}
 			}