Negative doc cache for API keys #107369
Labels
>enhancement
:Security/Authentication
Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
Team:Security
Meta label for security team
Description
When using an API key, that expired and got removed, we always have to make a call to try and fetch it from the
.security
index. In some cases when there is a large number of expired keys still being used by clients, it introduces an unnecessary load and latency to the API key authentication. Having a negative doc lookup cache can help reduce this.The text was updated successfully, but these errors were encountered: