OrigamIdentityGrant can grow indefinitely

Recent production instance maintenance shown that OrigamIdentityGrant table consumes 6GB of disk space. It’s rather large for a system table for storing authentication tokens.

After some experiments it seems that only way to remove a record from the table is user properly logging out of the system. Otherwise the tokens/records are piling in the table.

The first pair of rows was created during the initial login, the second pair of rows was created after I closed the browser and restarted the server, the third pair was created when I logged in incognito mode of the same browser.

My initial idea was to limit user (SubjectId) to only one set of tokens. That would mean that the user would be automatically signed out from other client. That seems to be too harsh, but some sort of control over the tokens overpopulation should be introduced.

There is an option to clean the table during the server boot sequence.

Will this be handled by the system or is it up to the admin to take care of it?

At the moment there was no conlusion regarding the solution. So at the moment it is admin’s job.