- Feature Request
- Resolution: Done
- Major
- None
- 2.0 GA, SaaS
- 5
- 3scale 2019-04-08, 3scale 2019-04-23, 3scale 2019-06-03, 3scale 2019-06-17

Currently we return a 403 Authentication failed when limits are exceeded. It would be much more useful for the client to know the specific reason; in this case, 429 Too Many Requests would probably be more appropriate.
This is a common request from the customers and we even provided a snippet on Codehub to show how this can be done: https://support.3scale.net/codehub/custom-error-codes
The snippet cannot be used with new APIcast, and instead of migrating the customization and providing it as an example for APIcast, I think it should really be an OOTB feature.
There is already an issue on the APIcast upstream repo: https://github.com/3scale/apicast/issues/368
But I think there should also be a UI for the Usage limit exceeded error (code, content-type and response body fields), as there is now for Authentication missing, Authentication failed and No match.
From comment below:
Some additional codes that might be interesting to add:
- 401 in case we are able to add Basic Auth or IP filtering from GUI
- 405 in case some methods are blocked
- 406 in case we are able to analyze the Accept header field
- 415 in case we are able to analyze the Content type field
- 426 in case we have configurable security protocols on the gateway
- 495 in case we will support client certificate authentication
- 497 to indicate the client to switch to HTTPS
APIcast (upstream) now supports using a different error message for Limits exceeded: https://github.com/3scale/apicast/pull/453
The RFE is still valid for adding the UI for configuring error messages on the Integration page.
So we add a new section in the UI called something like "Gateway Response" to let users configure this in the UI.
- relates to: THREESCALE-638 When application plan limit exceeded, gateway returns auth failure (Closed)