diff --git a/oauthproxy.go b/oauthproxy.go
index dfc2086..687a9b2 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -645,9 +645,11 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 
 // AuthenticateOnly checks whether the user is currently logged in
 func (p *OAuthProxy) AuthenticateOnly(rw http.ResponseWriter, req *http.Request) {
-	_, err := p.getAuthenticatedSession(rw, req)
+	session, err := p.getAuthenticatedSession(rw, req)
 	switch err {
 	case nil:
+		// we are authenticated
+		p.addHeadersForProxying(rw, req, session)
 		rw.WriteHeader(http.StatusAccepted)
 	default:
 		http.Error(rw, "unauthorized request", http.StatusUnauthorized)