diff --git a/yesod-core/Yesod/Core/Class/Yesod.hs b/yesod-core/Yesod/Core/Class/Yesod.hs
index a56dbf79..40e2b6c6 100644
--- a/yesod-core/Yesod/Core/Class/Yesod.hs
+++ b/yesod-core/Yesod/Core/Class/Yesod.hs
@@ -428,7 +428,7 @@ defaultErrorHandler NotAuthenticated = selectRep $ do
         -- however, there is no standard to indicate a redirection
         --
         -- change this to Basic or Digest if you allow those forms of authentications
-        setHeader "WWW-Authenticate" "RedirectJSON realm=\"application\", param=\"authentication_url\""
+        addHeader "WWW-Authenticate" "RedirectJSON realm=\"application\", param=\"authentication_url\""
 
         -- The client will just use the authentication_url in the JSON
         site <- getYesod