HTTP Error 400 The Size Of The Request Headers Is Too Long For Windows Authentication

After upgrade Orchestrator works fine, but how to resolve the error 400 received when clicked during the Windows authentication?

Root Cause: 2020.4 URL is changed due to identity is added and few organization has redistricted MaxFieldLength and MaxRequestBytes.

Resolution: After upgrade, Orchestrator works fine and generates error 400 when clicked in the Windows authentication. The length of URL has significantly increased from version 2020.4.

By default, there is no MaxFieldLength registry entry. This entry specifies the maximum size limit of each HTTP request header. The MaxRequestBytes registry entry specifies the upper limit for the total size of the Request line and the headers. Typically, this registry entry is configured together with the MaxRequestBytes registry entry.

If the MaxRequestBytes value is lower than the MaxFieldLength value, the MaxFieldLength value is adjusted. In large Active Directory environments, users may experience logon failures if the values for both these entries aren't set to a sufficiently high value.


The MaxFieldLength and MaxRequestBytes registry keys are located at the following sub key:


Set the key values as shown in the following table:

Name - MaxFieldLength

Value Type - DWORD

Value Data - 65536

Name - MaxRequestBytes

Value Type - DWORD

Value Data - 16777216

Refer the below screenshots



  • Create both the parameters with the above mentioned Value Data, then restart the Orchestrator server.

Note: Before changing registry, request to take the backup of registry.

Read more on the HTTP Bad Request Response Kerberos .