- Auth delegation & third-party-app session expiration.
- Right now the BAD system will always generate a new API key. Shouldn't we have a mechanism to reuse them, for when your session expires on the third-party app?
- Dylan will implement a feature to re-issue the same api key to a given api key consumer, as long as it isn't obsoleted. Possibly some mechanism for forcing a new key (suggested by dkl)
- Right now the BAD system will always generate a new API key. Shouldn't we have a mechanism to reuse them, for when your session expires on the third-party app?
- Sanitize api_keys from logs like we do with passwords.
- find out if we do this for tokens?
- Push out fix for memory issue with nag warnings tomorrow.