Description
Hasura graphql-engine supports downloading the public key for RSA-signed JWTs from a URL. Currently, when the date/time specified in the Expires header is exceeded, the graphql-engine constantly rechecks the freshness of the document on the server.
Please update the JWT authentication framework to respect the Cache-Control header, which supersedes the Expires header.
The Expires HTTP header specifies a specific date/time when the client should re-check the freshness of the document from the server. When hosting the public key on a static CDN like S3 there is no opportunity to "update" the Expires header to prevent this functionality. If the graphql-engine respected the Cache-Control header then the document author can tell the graphql-engine how frequently to recheck the freshness of the document.
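The precedence requested above, as an added Python sketch that is not graphql-engine code and not written by the issue author: it derives a JWK refresh delay from response headers, preferring `Cache-Control: max-age` over `Expires`. The function names, the sample headers, and the `MIN_REFRESH_SECONDS` floor are assumptions made for illustration.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Assumed floor (not a graphql-engine setting): never re-fetch more often than this.
MIN_REFRESH_SECONDS = 60

def parse_cache_control(value):
    """Parse a Cache-Control value into {directive: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name.strip():
            directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def jwk_refresh_delay(headers, now):
    """Seconds to wait before re-fetching the JWK document."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    cc = parse_cache_control(h.get("cache-control", ""))
    if "no-store" in cc or "no-cache" in cc:
        return MIN_REFRESH_SECONDS
    max_age = cc.get("max-age")
    if max_age is not None and max_age.isdecimal():
        # Cache-Control: max-age takes precedence; Expires is ignored entirely.
        age = int(h["age"]) if h.get("age", "").isdecimal() else 0
        return max(int(max_age) - age, MIN_REFRESH_SECONDS)
    try:
        expires = parsedate_to_datetime(h["expires"])
        remaining = int((expires - now).total_seconds())
    except (KeyError, TypeError, ValueError):
        # Missing or malformed Expires (e.g. "0") is treated as already stale.
        return MIN_REFRESH_SECONDS
    return max(remaining, MIN_REFRESH_SECONDS)

# Constructed sample: a static object whose Expires date is fixed and already past.
NOW = datetime(2020, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
STATIC_CDN_HEADERS = {
    "Expires": "Wed, 01 Jan 2020 11:00:00 GMT",
    "Cache-Control": "public, max-age=3600",
}

if __name__ == "__main__":
    print(jwk_refresh_delay(STATIC_CDN_HEADERS, NOW))
```

The floor also bounds the fallback path: a response carrying only a past `Expires` date yields a fixed delay instead of an immediate re-fetch.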