Description

Description
An issue has been observed with the DevPortal API visibility feature, which is used to restrict API access to specific users. The problem arises when a user's role is dynamically updated. If the user is already logged into the DevPortal, the updated API visibility permissions do not take effect immediately. Instead, the changes are reflected only after the cache expiry time of 15 minutes.

This issue occurs exclusively for users with Uppercase Username

The delay in reflecting updated API visibility creates confusion and reduces the efficiency of dynamic role updates for API visibility management. This can negatively affect the user experience by introducing unnecessary delays in accessing APIs after role updates.

Steps to Reproduce

• Create a user with UpperCase username and an internal role (e.g., internal/abc), but do not assign the role to the user initially.
• Create an API and configure the API DevPortal visibility to be restricted to the internal role.
• Log in to the DevPortal with the created user.
• Assign the internal role to the user.
• Check the DevPortal to see if the API is visible. The API will only become visible after the cache expiry time (15 minutes).

Version

4.2.0

Environment Details (with versions)

No response