AWS Lambda handle authorization headers error

Question

For my project, I'm utilizing AWS Lambda and Graphql. I used apollo-server-lambda for this project. For this project, I created custom headers. And I added a simple condition to throw an error if there is no 'event.headers.authorization'. When the app is launched in a local environment, the error is thrown correctly. But the issue is that I'm not sure how I'm going to put my authorisation in if it's continuously throwing me off. I'm certain my implementation is incorrect. I'm not sure what the best method is for obtaining authorization.

It should be put like this:

.

This is my Lambda

import * as R from 'ramda';
import { AuthenticationError, ForbiddenError } from 'apollo-server-lambda';
export const authToken = (token: string) => {
  if (token === 'HELLO') {
    return true;
  } else {
    throw new AuthenticationError('No authorization header supplied');
  }
};

const lambda =
  (lambdaFunc: AWSLambda.Handler): AWSLambda.Handler =>
  (event, context, callback) => {
    const { authorization } = event.headers;
    if (R.isNil(authorization))
      throw new ForbiddenError('You must be authenticated'); // always thorws me error
    return authToken(event.headers.authorization);

    return lambdaFunc(event, context, callback);
  };

export default lambda;

This is my graphql

import { ApolloServerPluginLandingPageGraphQLPlayground } from 'apollo-server-core';
import { ApolloServer} from 'apollo-server-lambda';
import schema from '../graphql/schema';
import resolvers from '../resolvers';
import lambda from '../utils/lambda';

const server = new ApolloServer({
  typeDefs: schema,
  resolvers,
  debug: false,
  plugins: [ApolloServerPluginLandingPageGraphQLPlayground()],
  introspection: true,
});

export default lambda(

  server.createHandler({
    expressGetMiddlewareOptions: {
      cors: {
        origin: '*',
        credentials: true,
        allowedHeaders: ['Content-Type', 'Origin', 'Accept', 'authorization'],
        optionsSuccessStatus: 200,
        maxAge: 200,
        exposedHeaders: ['authorization'],
      },
    },
  })
);

This is YAML file

functions:
  graphql:
    handler: src/handlers/graphql.default
    events:
      - http:
          path: ${env:api_prefix}/graphql
          method: get
          cors: true
      - http:
          path: ${env:api_prefix}/graphql
          method: post
          cors: true