Control the Cache-Control header of the jwks_uri (https://{domain}{tenant}/{policy}/discovery/v2.0/keys)

Gil 1 Reputation point


I'm using Azure AD B2C with custom policies.

when I'm using the keys endpoint (jwks_uri) it returns the keys response with the header: Cache-Control: private.
Is there a way to control it, maybe through the custom policies (I want to change it to public)?

I'm using an API gateway tool and I want to retrieve the keys once instead of fetching the keys for each call, and this header prevents me from doing so.

Thanks, Gil

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,578 questions
{count} votes

1 answer

Sort by: Most helpful
  1. VipulSparsh-MSFT 16,201 Reputation points Microsoft Employee

    @Gil Thanks for reaching out and sincere apologies for the delay on this. We are constantly trying to reduce our answer time and in coming days you will see a significant improvement here. So we appreciate you posting your future queries here.

    Currently cache-control is bye default private and it cannot be changed.


    We welcome you to submit this as feedback on our Azure AD B2C feedback page for further consideration. Once done, do update the feedback URL here, so that other people can also vote for it.


    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community

    0 comments No comments