Verify JWT | JWKS Uri Data Caching

Public Cert Served on MTLS uri being used from cache how del


I am referring to a JWKS URI from an mTLS-based server path. Initially the call failed, but on disabling mTLS the VerifyJWT policy executed correctly. After that execution, even on re-enabling mTLS and the request getting 400, Apigee is using the cached copy of the public cert. Need inputs on:

1. Where is this response cached?

2. How to delete it?

3. How long is this response cached?

It isn't documented. The cache is internal to the VerifyJWT policy and Apigee does not document the cache TTL. I think it's about 30 minutes. The cache key is the URI, so you can possibly add an unused query parameter _=123 to the request to perhaps get a different cache key... or just wait a bit.

I don't understand what you're saying here:

> Initially the call failed, but on disabling mTLS the VerifyJWT policy executed correctly.

Where have you enabled mTLS? At which peer-to-peer connection?

> After that execution, even on re-enabling mTLS and the request getting 400, Apigee is using the cached copy of the public cert.

Request getting 400? What does that have to do with anything?

Also, I think the behavior you describe - Apigee caches the JWKS - is the desired behavior. Right? You want it to be cached. Am I correct?
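A toy model of the behaviour discussed in this thread, added here as an example (it is not Apigee's code and not from either poster): a cache keyed on the exact JWKS URI string with a fixed TTL, replaying the sequence from the question. The 30-minute TTL is the reply's estimate rather than a documented value, and the endpoint URL, class and function names are hypothetical.

```python
import time

class JwksUriCache:
    """Toy model: JWKS cache keyed on the exact URI string, with a fixed TTL."""

    def __init__(self, fetch, ttl_seconds=30 * 60, clock=time.monotonic):
        self._fetch = fetch          # callable(uri) -> JWKS dict, raises on failure
        self._ttl = ttl_seconds      # 30 min is the reply's guess, not a documented value
        self._clock = clock
        self._entries = {}           # uri -> (expires_at, jwks)

    def get(self, uri):
        entry = self._entries.get(uri)
        if entry and entry[0] > self._clock():
            return entry[1], "cache"
        jwks = self._fetch(uri)      # a failed fetch propagates and caches nothing
        self._entries[uri] = (self._clock() + self._ttl, jwks)
        return jwks, "fetched"


def replay_thread_scenario():
    """Replay the sequence from the question against the model; return the outcomes."""
    state = {"mtls_required": True, "now": 0.0}
    jwks = {"keys": [{"kty": "RSA", "kid": "constructed-kid-1"}]}  # constructed sample

    def fetch(uri):
        # Stand-in for the JWKS endpoint: refuses clients without a cert while mTLS is on.
        if state["mtls_required"]:
            raise ConnectionError("client certificate required")
        return jwks

    cache = JwksUriCache(fetch, clock=lambda: state["now"])
    uri = "https://jwks.example.test/certs"  # hypothetical endpoint

    def attempt(u):
        try:
            return cache.get(u)[1]
        except ConnectionError:
            return "failed"

    outcomes = [attempt(uri)]                 # mTLS on, nothing cached yet
    state["mtls_required"] = False
    outcomes.append(attempt(uri))             # mTLS off: fetched and cached
    state["mtls_required"] = True
    outcomes.append(attempt(uri))             # mTLS back on: served from cache
    outcomes.append(attempt(uri + "?_=123"))  # different cache key: must refetch
    state["now"] += 30 * 60 + 1
    outcomes.append(attempt(uri))             # entry expired: must refetch
    return outcomes
```

In this model the cached key set keeps verification working until the entry expires, regardless of whether the endpoint is still reachable, so a key removed from the JWKS would also stay trusted for up to one TTL.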