You cannot. This is not how HTTP works. Firstly, a "redirect" is just a status code 301, 302 or (starting with HTTP 1.1) 307 with the Location header set to the URL to which the client should go. It is the client that initiates the request to this URL, so you cannot control which headers it sends.
Secondly, HTTP has no state, so the fact that the Authorization header was sent in some request at some point has nothing to do with anything that happens in any future requests. Web browsers and other HTTP clients work around HTTP statelessness using server-side sessions and client-side cookies. The client sends a cookie to the server with the request. A cookie corresponds to an entry in the session store on the server, and the server loads data from this session to give the appearance that state has been saved.
Thirdly, cookies do not work in this situation, because they are associated with a domain and are not sent along with requests to domains from which they were not set. Thus, even if you were to create a session to support authorization, another site would never see it.
FWIW, the basic premise here, sharing authentication state with another domain, is exactly what technologies such as OAuth were developed for. So direct your future research in that direction.
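The two points above (the redirect is just a status code plus a Location header, and the client alone decides what it sends on the follow-up request) can be seen end to end with two tiny local servers. This is an added example, not code from the answer above: an "origin" server answers with a 302 to a second server on another port, the second server demands its own Authorization header, and a small client follows the redirect but, as browsers do, drops Authorization and Cookie once the redirect leaves the original host. Server names, the token value and the `/protected` path are all constructed for the demo.

```python
"""Added demo: a 302 redirect does not carry the first request's
Authorization header to another host; the client decides what to send."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urljoin, urlsplit

# Each constructed server records the request headers it received.
SEEN = {"origin": [], "other": []}

REDIRECT_CODES = (301, 302, 303, 307, 308)


def make_handler(name, target_getter):
    """Build a request handler for one of the two constructed servers."""

    class Handler(BaseHTTPRequestHandler):
        def log_message(self, *args):  # keep the demo quiet
            pass

        def do_GET(self):
            SEEN[name].append({k.lower(): v for k, v in self.headers.items()})
            if name == "origin":
                # Origin server: answer with a redirect to the other host.
                self.send_response(302)
                self.send_header("Location", target_getter())
            else:
                # Other host: has no idea what the origin saw; it needs
                # credentials presented to *it* in *this* request.
                self.send_response(200 if self.headers.get("Authorization") else 401)
            self.send_header("Content-Length", "0")
            self.end_headers()

    return Handler


def fetch_following_redirects(url, headers, max_redirects=5):
    """Tiny client: follows 3xx redirects, but drops Authorization and
    Cookie when the redirect target is not the original host (browser rule)."""
    original_netloc = urlsplit(url).netloc
    current_headers = dict(headers)
    for _ in range(max_redirects + 1):
        parts = urlsplit(url)
        conn = http.client.HTTPConnection(parts.hostname, parts.port, timeout=5)
        conn.request("GET", parts.path or "/", headers=current_headers)
        resp = conn.getresponse()
        resp.read()
        location = resp.getheader("Location")
        conn.close()
        if resp.status not in REDIRECT_CODES or not location:
            return resp.status, url
        url = urljoin(url, location)  # Location may be relative
        if urlsplit(url).netloc != original_netloc:
            current_headers = {
                k: v for k, v in current_headers.items()
                if k.lower() not in ("authorization", "cookie")
            }
    raise RuntimeError("too many redirects")


def run_demo():
    """Start both servers on ephemeral ports, run one request, report what each saw."""
    other = ThreadingHTTPServer(("127.0.0.1", 0), make_handler("other", lambda: ""))
    other_url = f"http://127.0.0.1:{other.server_port}/protected"
    origin = ThreadingHTTPServer(("127.0.0.1", 0), make_handler("origin", lambda: other_url))
    for srv in (origin, other):
        threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        status, final_url = fetch_following_redirects(
            f"http://127.0.0.1:{origin.server_port}/",
            {"Authorization": "Bearer constructed-demo-token"},
        )
    finally:
        for srv in (origin, other):
            srv.shutdown()
            srv.server_close()
    return {
        "final_status": status,
        "final_url": final_url,
        "origin_saw_authorization": "authorization" in SEEN["origin"][-1],
        "other_saw_authorization": "authorization" in SEEN["other"][-1],
    }


if __name__ == "__main__":
    print(run_demo())
```

Running it shows the origin server received the Authorization header, the second server did not, and the final status is 401: the redirect reached the other host, but nothing about the first request's authentication travelled with it. Note that not every client library strips credentials on a cross-host redirect; the filter in `fetch_following_redirects` is the behaviour you want, and it is worth checking what your own HTTP client does before relying on it.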