Cache includes auth token?

It appears that caching with an api key query param includes the api key in the cache key. Is that correct?

If so, that make the cache ineffective for shared data, which is the largest class of data we serve right now. If there any plan to have the caching remove the cache key from params when the key is specified to be located there?

I’d suggest raising a GitHub issue to cover this, then it will end up in a release.