Hi team,
I’m trying to understand 8base authentiation and from the docs and discussions in this community, I came to know that for each request, 8base contacts the auth provider(auth0 or Cognito) to verify the idToken.
Won’t it add latency to my requests? Particularly in a production load. Is there any kind of caching happening in between? If so, how do you cache it and invalidate the cache when tokens are revoked in the Auth Provider?
Also in the authentication flowchart given in the doc, you have mentioned there is a public key cache maintained in 8base. If the auth provider is known like Auth0, it makes sense to get the public keys and cache it using Auth0 public key url. But incase of OpenID auth profile configured, how can you know from which url to get the public keys from and to which URL to call to verify the idToken in the openid provider? There seems to be no option for me input both URLs. Would like to get more clarity on this. Thanks!