Title: Retry policy for external authorization requests?

I'm using Envoy 1.9.0 and configured external authorization as described in https://www.envoyproxy.io/docs/envoy/v1.9.0/configuration/http_filters/ext_authz_filter#config-http-filters-ext-authz

It works as expected but sometimes the external authorization server respond with a 5xx status (could be either problems with the server, network, etc.). I haven't managed to configure a retry policy for these cases and wonder if it is possible to do this? Also, I can see that when this occurs, the actual response to the calling client is 403 which is actually a bit misleading and it might be better to propagate 5xx response codes from the authorization server.

So my questions are if retries are possible with authorization requests and if 5xx response codes can be propagates to the client?

Any hints are welcome!