Enable throttling of OIDC connector requests on refresh tokens through using cached details #2113
Comments
|
Hello! Thanks for an interesting idea about the reuse interval use case. I have never thought that it has a positive impact in combination with disabled refresh token rotation. However, we need to think a little more about a way to solve this issue. It seems like reuse interval is not the best solution we could find. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem?
We have a need to reduce the number of requests going to the connector OIDC provider due to rate limiting.
Describe the solution you'd like to see
For our use case if Dex could throttle refresh token exchanges in a manner similar to the reuse interval it would cut down on upstream API calls and we can deal with slightly stale user state as cached from previous Dex claims. The issue with reuse interval is it isn't available when refresh token rotation is disabled and the simple solution would make refresh tokens requests act like keepalives and prevent checking with the upstream.
Describe alternatives you've considered
Enabling reuse interval and moving
dex/server/refreshhandlers.go
Line 245 in 551229a
The text was updated successfully, but these errors were encountered: