Background context
There are a huge number of unlisted/unused oauth clients registered which aren't doing anything. We should clean all these up but will need to do the necessary due diligence first. We'll also need to ensure there is no trace left over (ie in DynamoDb tables) or similar
Specification
Identify unused apps:
Soft deleted apps are the easy targets
Visible apps are more difficult. We need to ensure there's no traffic, and it may be worth encouraging developers to clean up their own apps first (then we can just build something to periodically target soft deleted apps)
Ensure all traces are removed:
Gateway API key (this should get cleaned up automatically when an app is soft deleted)
AshDeeming
commented
3 months ago
Background context There are a huge number of unlisted/unused oauth clients registered which aren't doing anything. We should clean all these up but will need to do the necessary due diligence first. We'll also need to ensure there is no trace left over (ie in DynamoDb tables) or similar
Specification