diana.holland
07/03/2023, 7:15 PM
SuperTokens Node SDK app deployed by Vercel. I believe our signing keys are set with the default, so they rotate every 7 days. Is it possible to know when exactly the JWKs will rotate for our environment? For example by sending a max-age header on the /.well-known/jwks.json response?
More on why we need this -- We added the no-cache, no-store, max-age=0, must-revalidate headers to our auth requests to avoid Vercel caching, as described in the SuperTokens docs. But Hasura refreshes the JWKs once per second if those headers are set, so that ends up being really expensive. Originally we were caching just the JWKs endpoint response for an hour, which cut costs significantly. But now that JWKs keys get rotated, that caused a JWSInvalidSignature error from Hasura for an hour while the response was cached (for users with access tokens signed with the latest key). We could handle that error and refresh the cache when it's encountered, but that feels like a roundabout way to solve the problem. Wondering if you have any suggestions here?
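The trade-off in the question above (cache the JWKS for an hour to save fetches, but then fail for an hour after a key rotation) is the classic JWKS caching problem, and the usual answer is a cache that keeps its TTL but refreshes early when a token names a `kid` it has not seen, with a floor on how often such forced refreshes may happen. The block below is an added illustration of that pattern, not SuperTokens, Hasura or Vercel code; the fake JWKS endpoint, the key ids, the fetch counter and the manual clock are constructed stand-ins, and the fetcher is kept synchronous so the example runs stand-alone.

```javascript
'use strict';

// JWKS cache: serves keys from memory for ttlMs, refreshes early when a token
// carries an unknown kid (e.g. right after rotation), but never forces a refresh
// more often than minRefreshGapMs, so a stream of bogus kids cannot turn the
// cache into one upstream fetch per request.
// Added illustration, not SuperTokens/Hasura code; fetchJwks is a stand-in.
class JwksCache {
  // fetchJwks: () => { keys: [{ kid, ... }] }. A real fetcher would GET
  // /.well-known/jwks.json asynchronously; it is synchronous here for the demo.
  constructor(fetchJwks, { ttlMs = 60 * 60 * 1000, minRefreshGapMs = 5 * 60 * 1000, now = Date.now } = {}) {
    this.fetchJwks = fetchJwks;
    this.ttlMs = ttlMs;
    this.minRefreshGapMs = minRefreshGapMs;
    this.now = now;
    this.keys = null;          // Map<kid, jwk>
    this.fetchedAt = -Infinity;
    this.fetchCount = 0;       // for the demo: how many upstream fetches happened
  }

  refresh() {
    const jwks = this.fetchJwks();
    this.keys = new Map(jwks.keys.map((k) => [k.kid, k]));
    this.fetchedAt = this.now();
    this.fetchCount += 1;
  }

  // Returns the JWK for kid, or throws if it is unknown even after a refresh.
  getKey(kid) {
    if (this.keys === null || this.now() - this.fetchedAt >= this.ttlMs) this.refresh();
    let key = this.keys.get(kid);
    if (key === undefined && this.now() - this.fetchedAt >= this.minRefreshGapMs) {
      this.refresh();            // unknown kid: assume rotation, refetch once
      key = this.keys.get(kid);
    }
    if (key === undefined) throw new Error(`no JWK with kid=${kid}`);
    return key;
  }
}

// Constructed stand-in for the JWKS endpoint: publishes one key id, swapped on rotate().
function makeFakeJwksServer() {
  let current = 'key-1';
  return {
    rotate(kid) { current = kid; },
    fetch() { return { keys: [{ kid: current, kty: 'RSA', alg: 'RS256' }] }; },
  };
}

// Scenario from the thread: cache for an hour, the key rotates mid-way, a token
// signed with the new key arrives. Returns the fetch count after each step.
function simulateRotation() {
  const server = makeFakeJwksServer();
  let t = 0; // manual clock in ms
  const cache = new JwksCache(server.fetch, { ttlMs: 3600000, minRefreshGapMs: 300000, now: () => t });

  cache.getKey('key-1');            // cold cache: fetch 1
  t += 600000;
  cache.getKey('key-1');            // 10 min later: served from cache, no fetch
  const afterWarm = cache.fetchCount;

  server.rotate('key-2');           // rotation happens upstream
  t += 600000;
  cache.getKey('key-2');            // unknown kid: refresh instead of failing for 40 more minutes (fetch 2)
  const afterRotation = cache.fetchCount;

  t += 1000;
  let rejected = false;
  try { cache.getKey('bogus'); } catch (e) { rejected = true; } // inside the refresh gap: rejected, no fetch
  const afterBogus = cache.fetchCount;

  return { afterWarm, afterRotation, afterBogus, rejected };
}

console.log(simulateRotation());
```

With this shape the hour-long cache keeps its cost saving, a rotation costs exactly one extra fetch at the moment the first token signed with the new key shows up, and the refresh floor bounds what an unauthenticated caller can make the cache do by sending tokens with made-up key ids. Whether the upstream layer (Hasura in the question) lets you plug in such a cache is a separate question; the pattern itself is what a key-rotation-aware verifier needs.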