Issue Station
Sign In
Tools hereToolbox

hermes - 💡(How to fix) Fix Feature request: same-provider auth-profile rotation on rate-limit / overload (parity with OpenClaw)

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…

When Hermes is configured with the openai-codex provider via OAuth, only one auth profile is active at a time. If that profile rate-limits or overloads, Hermes immediately falls through to the next provider in fallback_providers. Users with multiple ChatGPT/Codex accounts on the same machine (different plans, different quota windows) currently get no benefit from having more than one profile registered.

OpenClaw ships this feature already, exposed as two config keys with a default of 1 rotation:

  • auth.cooldowns.rateLimitedProfileRotations — max same-provider profile rotations on rate-limit before falling to model fallback
  • auth.cooldowns.overloadedProfileRotations — same for overload errors

When the active openai-codex:<email-A> rate-limits, OpenClaw rotates to openai-codex:<email-B> before escalating to claude-cli / openrouter / etc. The cooldown window is tracked per-profile in auth-state.json's usageStats[<profile>].cooldownUntil. Hermes would benefit from the same.

Error Message

  • Cascade order on a profile error: same-provider profile rotation (up to the configured limit) → next entry in fallback_providers → next provider entry.

Root Cause

When Hermes is configured with the openai-codex provider via OAuth, only one auth profile is active at a time. If that profile rate-limits or overloads, Hermes immediately falls through to the next provider in fallback_providers. Users with multiple ChatGPT/Codex accounts on the same machine (different plans, different quota windows) currently get no benefit from having more than one profile registered.

OpenClaw ships this feature already, exposed as two config keys with a default of 1 rotation:

  • auth.cooldowns.rateLimitedProfileRotations — max same-provider profile rotations on rate-limit before falling to model fallback
  • auth.cooldowns.overloadedProfileRotations — same for overload errors

When the active openai-codex:<email-A> rate-limits, OpenClaw rotates to openai-codex:<email-B> before escalating to claude-cli / openrouter / etc. The cooldown window is tracked per-profile in auth-state.json's usageStats[<profile>].cooldownUntil. Hermes would benefit from the same.

RAW_BUFFERClick to expand / collapse

Summary

When Hermes is configured with the openai-codex provider via OAuth, only one auth profile is active at a time. If that profile rate-limits or overloads, Hermes immediately falls through to the next provider in fallback_providers. Users with multiple ChatGPT/Codex accounts on the same machine (different plans, different quota windows) currently get no benefit from having more than one profile registered.

OpenClaw ships this feature already, exposed as two config keys with a default of 1 rotation:

  • auth.cooldowns.rateLimitedProfileRotations — max same-provider profile rotations on rate-limit before falling to model fallback
  • auth.cooldowns.overloadedProfileRotations — same for overload errors

When the active openai-codex:<email-A> rate-limits, OpenClaw rotates to openai-codex:<email-B> before escalating to claude-cli / openrouter / etc. The cooldown window is tracked per-profile in auth-state.json's usageStats[<profile>].cooldownUntil. Hermes would benefit from the same.

Why

Weekly Codex quotas are per ChatGPT account. Users on Codex CLI / VS Code Codex extension / Hermes / OpenClaw side-by-side often run multiple accounts deliberately to extend usable runtime. Without same-provider rotation, the second profile is effectively dead weight in Hermes.

This is also a defensive measure against the OAuth-token sibling-burn issue tracked in #22903: even if one profile's token gets consumed, the other can serve while the user re-auths the dead one.

Suggested shape

  • Add fallback_profiles: (analogous to fallback_providers:) to the Hermes config schema, listing additional auth profiles for the active provider in priority order.
  • Or, simpler: add cooldowns.rate_limited_profile_rotations and cooldowns.overloaded_profile_rotations (with default 1) and have the auth resolver enumerate all configured profiles for the active provider.
  • Track per-profile cooldown in the auth state file, mirroring OpenClaw's usageStats[profile].cooldownUntil.
  • Cascade order on a profile error: same-provider profile rotation (up to the configured limit) → next entry in fallback_providers → next provider entry.

Environment

  • Hermes Agent v0.10.0 (2026.4.16)
  • Cross-reference: OpenClaw 2026.5.7 ships this feature; OpenClaw's pi-embedded runtime exposes it as overloadProfileRotationLimit / rateLimitProfileRotationLimit per-call.

Related

  • #22903 (Codex OAuth refresh token burn by sibling clients) — same incident class, complementary fix

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#tensor shape#autograd error#model save/load#optimization#mixed precision

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

hermes - 💡(How to fix) Fix Feature request: same-provider auth-profile rotation on rate-limit / overload (parity with OpenClaw)