Fail over org-disabled Claude accounts (403 permission_error)#54
Merged
Conversation
…ble fallback
A 403 permission_error ('OAuth authentication is currently not allowed for
this organization') is account-specific: Anthropic disabled Claude Code
subscription access for one account's org mid-day while the rest of the pool
stayed healthy, and sticky sessions pinned to that account black-holed every
request with 'Your organization has disabled Claude subscription access'.
403 now joins 429/401 in the failover set and marks the account exhausted
with the credential TTL (an org toggle does not self-heal on a rate-limit
schedule; the hourly lapse re-probes it).
Also log 'serving claude fable via fallback chain' from the handler-level
fallback path (selection found no usable OAuth account), which previously
emitted nothing, so Bedrock activity could not be attributed chain-vs-gateway
during monitoring.
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (5)
📝 WalkthroughWalkthroughThis PR extends Claude account failover logic in proxy.go to treat HTTP 403 responses the same as 401 for credential exhaustion, unusable-status classification, and failover eligibility, adds a warning log for Fable fallback usage, includes a new failover test, and bumps package versions. ChangesClaude 403 Failover Handling
Estimated code review effort: 3 (Moderate) | ~20 minutes Sequence Diagram(s)sequenceDiagram
participant Client
participant usageLimitRetryTransport
participant ClaudeAPI
participant Scheduler
Client->>usageLimitRetryTransport: RoundTrip(request)
usageLimitRetryTransport->>ClaudeAPI: forward request (cooked account)
ClaudeAPI-->>usageLimitRetryTransport: 403 permission_error
usageLimitRetryTransport->>Scheduler: markAccountExhaustedCredential(cooked)
usageLimitRetryTransport->>Scheduler: select healthy account (fresh)
usageLimitRetryTransport->>ClaudeAPI: retry request (fresh account)
ClaudeAPI-->>usageLimitRetryTransport: 200 OK
usageLimitRetryTransport-->>Client: 200 OK
Possibly related PRs
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Observed live 2026-07-04 ~09:51 UTC: Anthropic disabled OAuth for one account's org mid-day (403 permission_error 'OAuth authentication is currently not allowed for this organization'); Claude Code renders it as 'Your organization has disabled Claude subscription access for Claude Code'. Failover only reacted to 429/401/rejected, so sticky sessions pinned to that account black-holed every request while 8+ healthy accounts sat idle. The same error also appears in a session transcript from 2026-06-24, so this is a recurring Anthropic-side state, not a one-off.
403 now joins the failover set, marks the account exhausted with the credential TTL (hourly re-probe picks it back up if the org is re-enabled), and the two-commit structure shows the regression test red then green. Also adds the missing 'serving claude fable via fallback chain' log on the handler-level fallback path so Bedrock activity is attributable chain-vs-gateway during monitoring.
Need help on this PR? Tag
/codesmithwith what you need. Autofix is disabled.Summary by cubic
Fail over Claude accounts that return 403 permission_error when their org disables OAuth, preventing sticky sessions from black-holing requests and retrying on healthy accounts.
Bug Fixes
Dependencies
subrouterto 0.1.32 inpackage.jsonandpyproject.toml.Written for commit 2f33d1d. Summary will update on new commits.
Summary by CodeRabbit
Bug Fixes
Tests
Chores