Can we add/modify headers at tunneling point

We have a service that can do a tls passthrough if it can process a particular header field , so since we are using openziti without any tls , can we add that headers maybe at tunneling side thats better way ?

The tunnelers cannot add headers. I also don't fully understand the question you're asking. I assume by TLS and "headers" you're implying "HTTP"? I don't understand how TLS passthrough is relevant. Maybe try rewording the question?

The end application , will allow me to request via http if it sees the header "insecure-http-enable":true . so I wanted to pass that header from the openziti . so question is how to intercept request and add headers in openziti network

In that situation, your client would be accessing the tunneled service using http (not https). The client would send that header. There no way to add that header with OpenZiti.