diff --git a/README.md b/README.md
index 479cd5e7377387f533413b2d75121053fd750784..7500a5f5a2e1d2e78e39f6d60472a71dd1a05a1b 100644
--- a/README.md
+++ b/README.md
@@ -80,7 +80,10 @@ The `goSDN` controllers core - also called `nucleus` - is a lightweight library
 that manages principal network domains and provides southbound interface
 operations for managed network elements.
 
-In addition, we provide a simple Northbound-API for the controller [right here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/controller/api).
+In addition, we provide a simple Northbound-API (gRPC) for the controller [right here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/controller/api).
+
+The gRPC services can also be reached using HTTP requests via the gRPC-Gateway. The fitting OpenAPI definitions can be found [here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/api/openapiv2?ref_type=heads). Note, that this is experimental and tested less well. If you want to use the controller in secure mode which implies it's mandatory to login and provide the received token in other requests via the HTTP header with the key-value pair:
+`"authorize: token"`.
 
 ### Principal Networking Domain (PND)
 
diff --git a/controller/http.go b/controller/http.go
index dae22922bde93e023810c80a2e2ea26c6851758d..1261577acfdd0a70e1e6053acfaebda154467d64 100644
--- a/controller/http.go
+++ b/controller/http.go
@@ -42,7 +42,9 @@ func run() error {
 
 	// Register gRPC server endpoint
 	// Note: Make sure the gRPC server is running properly and accessible
-	mux := runtime.NewServeMux()
+	mux := runtime.NewServeMux(
+		runtime.WithIncomingHeaderMatcher(customHeaderMatcher),
+	)
 
 	err := registerHttpHandler(mux)
 
@@ -162,3 +164,14 @@ func metricsHandler(mux *runtime.ServeMux) error {
 
 	return nil
 }
+
+// customHeaderMatcher passes custom key-value pairs within headers to be added to the outgoing context of gRPC-Gateway.
+// Use "authorize: token" in header for authorization after login.
+func customHeaderMatcher(key string) (string, bool) {
+	switch key {
+	case "Authorize":
+		return key, true
+	default:
+		return runtime.DefaultHeaderMatcher(key)
+	}
+}