diff --git a/providers/dns/gandiv5/gandiv5_test.go b/providers/dns/gandiv5/gandiv5_test.go
index 2cc8f1cd..57fed032 100644
--- a/providers/dns/gandiv5/gandiv5_test.go
+++ b/providers/dns/gandiv5/gandiv5_test.go
@@ -121,8 +121,8 @@ func TestDNSProvider(t *testing.T) {
 	mux.HandleFunc("/domains/example.com/records/_acme-challenge.abc.def/TXT", func(rw http.ResponseWriter, req *http.Request) {
 		log.Infof("request: %s %s", req.Method, req.URL)
 
-		if req.Header.Get("Authorization") == "" {
-			http.Error(rw, `{"message": "missing Authorization"}`, http.StatusUnauthorized)
+		if req.Header.Get("Authorization") != "Bearer 123412341234123412341234" {
+			http.Error(rw, `{"message": "missing or malformed Authorization"}`, http.StatusUnauthorized)
 			return
 		}
 
diff --git a/providers/dns/gandiv5/internal/client.go b/providers/dns/gandiv5/internal/client.go
index d91c1422..57de9d61 100644
--- a/providers/dns/gandiv5/internal/client.go
+++ b/providers/dns/gandiv5/internal/client.go
@@ -134,7 +134,7 @@ func (c *Client) do(req *http.Request, result any) error {
 	}
 
 	if c.pat != "" {
-		req.Header.Set(authorizationHeader, c.pat)
+		req.Header.Set(authorizationHeader, "Bearer "+c.pat)
 	}
 
 	resp, err := c.HTTPClient.Do(req)