Hi,
Since that request would be made from your app to the third-party, you could indeed manually add whatever headers you like to the request. Like when calling an external API, you might send an Authorization header.
However those Fly-added headers would be for ones that come in, routed via its proxy. For example if you request https://debug.fly.dev/ that would hit Fly’s proxy, and then on to the app. You’ll see on screen (or in the network tab) the headers. Sure enough, there is a Fly-Client-IP (etc).
The problem you may face here is that Fly don’t provide an official way to get a fixed outgoing IP for you to whitelist. For example see: