v26.1.16

Pass through HTTP 429 rate-limit errors with upstream headers

Oathkeeper now propagates rate-limit headers (Retry-After, X-Rate-Limit-, RateLimit-) from upstream services when returning HTTP 429 responses. Previously, rate-limit errors lost their headers during error handling, preventing clients from knowing when to retry. This fix also resolves a potential data race caused by mutating shared error sentinel values.

v26.1.16​

Pass through HTTP 429 rate-limit errors with upstream headers​

Ory Network

v26.1.16

Pass through HTTP 429 rate-limit errors with upstream headers