I don’t see anything in the production guide about flushing expired tokens. Do you recommend we make a perodic call to POST /oauth2/flush . Or does the server take care of it’s own housekeeping?
Good point, we should defo document that.
Flushing tokens periodically is a good idea if your database grows in size. If it doesn’t don’t worry about it. Most of the flows get cleaned up over time automatically!
Sorry to resurrect an old thread but I posted here about how our database is growing at an abnormal rate and wanted to ask how often should we be flushing expired access tokens?
Depends on your use case and how many stale tokens you have in the store!