Manually testing this on my site generally seems okay, but I think it contains a logic error because it is returning what must be a false positive.
I see the message in the admin UI and can click on the test which returns the message “Alternate Header Found. You are good to go.” However, when attempting to actually log into Monocle, I get the same 403 error saying that it couldn’t find the bearer token, and it won’t let me log in. So obviously I’m not “good to go.”
From a UI perspective something like “Your headers are properly configured and accessible.” may be better than the “You are good to go” which may be a more difficult construction for non-English speakers. Additionally wrapping that message in an anchor that will redirect to their admin UI might be nice.