This extension would be useful for caches, much like hierarchy, to avoid contacting 3scale when they find an application key they don't know anything about.
Without this extension caches need to contact 3scale even if they know an app is within limits and otherwise it's been authorized before with a different app key, because this new application key might actually exist in the database or not and then the request should be rejected. If a user kept calling a cache with different app keys, a cache would be forced to keep contacting 3scale.
With this extension a cache can take the opportunity in which they learn about metric hierarchy to also list the set of accepted application keys. Like the hierarchy, this information would then be periodically retrieved to pick up any updates.
Security-wise there is no privilege boundary crossed, since a cache already has full access to a 3scale account via the Porta APIs.
This extension would be useful for caches, much like
hierarchy, to avoid contacting 3scale when they find an application key they don't know anything about.Without this extension caches need to contact 3scale even if they know an app is within limits and otherwise it's been authorized before with a different app key, because this new application key might actually exist in the database or not and then the request should be rejected. If a user kept calling a cache with different app keys, a cache would be forced to keep contacting 3scale.
With this extension a cache can take the opportunity in which they learn about metric hierarchy to also list the set of accepted application keys. Like the hierarchy, this information would then be periodically retrieved to pick up any updates.
Security-wise there is no privilege boundary crossed, since a cache already has full access to a 3scale account via the Porta APIs.