I have some middleware which caches data by storing it on session.meta_data, and I would like to better understand how the session cache works when using openid for authentication.
What is the cache key? The entire JWT? Or a particular claim within the JWT?
When do the cache contents expire? Could the cache still be valid even after the JWT expires?