We have configured basic auth on one of our APM policy on a virtual server. I have enabled HSTS on the HTTP profile and associated with the virtual i am using and When end user hit the URL he would be sent a 401 prompt to login. For that specific call i am unable to see HSTS in the header value. Am i missing something in my config? Is there a way to force insert HSTS in the header for 401 call?