diff --git a/authentik/providers/proxy/controllers/k8s/traefik.py b/authentik/providers/proxy/controllers/k8s/traefik.py
index 81e082683..f2dff1f11 100644
--- a/authentik/providers/proxy/controllers/k8s/traefik.py
+++ b/authentik/providers/proxy/controllers/k8s/traefik.py
@@ -116,7 +116,7 @@ class TraefikMiddlewareReconciler(KubernetesObjectReconciler[TraefikMiddleware])
                 forwardAuth=TraefikMiddlewareSpecForwardAuth(
                     address=f"http://{self.name}.{self.namespace}:9000/akprox/auth/traefik",
                     authResponseHeaders=[],
-                    authResponseHeadersRegex="^(Remote|X).*$",
+                    authResponseHeadersRegex="^(Auth|Remote|X).*$",
                     trustForwardHeader=True,
                 )
             ),
diff --git a/website/docs/providers/proxy/_traefik_compose.md b/website/docs/providers/proxy/_traefik_compose.md
index 8455a7b0f..a070f14c0 100644
--- a/website/docs/providers/proxy/_traefik_compose.md
+++ b/website/docs/providers/proxy/_traefik_compose.md
@@ -34,7 +34,7 @@ services:
       # `authentik-proxy` refers to the service name in the compose file.
       traefik.http.middlewares.authentik.forwardauth.address: http://authentik-proxy:9000/akprox/auth/traefik
       traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: true
-      traefik.http.middlewares.authentik.forwardauth.authResponseHeadersRegex: ^(Remote|X).*$$
+      traefik.http.middlewares.authentik.forwardauth.authResponseHeadersRegex: ^(Auth|Remote|X).*$$
     restart: unless-stopped
 
   whoami:
diff --git a/website/docs/providers/proxy/_traefik_ingress.md b/website/docs/providers/proxy/_traefik_ingress.md
index f8a4783ce..8a1b54100 100644
--- a/website/docs/providers/proxy/_traefik_ingress.md
+++ b/website/docs/providers/proxy/_traefik_ingress.md
@@ -9,7 +9,7 @@ spec:
   forwardAuth:
     address: http://outpost.company:9000/akprox/auth/traefik
     trustForwardHeader: true
-    authResponseHeadersRegex: ^(Remote|X).*$
+    authResponseHeadersRegex: ^(Auth|Remote|X).*$
 ```
 
 Add the following settings to your IngressRoute
diff --git a/website/docs/providers/proxy/_traefik_standalone.md b/website/docs/providers/proxy/_traefik_standalone.md
index 1e64fa42e..fa5f0502e 100644
--- a/website/docs/providers/proxy/_traefik_standalone.md
+++ b/website/docs/providers/proxy/_traefik_standalone.md
@@ -5,7 +5,7 @@ http:
       forwardAuth:
         address: http://outpost.company:9000/akprox/auth/traefik
         trustForwardHeader: true
-        authResponseHeadersRegex: ^(Remote|X).*$
+        authResponseHeadersRegex: ^(Auth|Remote|X).*$
   routers:
     default-router:
       rule: "Host(`app.company`)"