To validate the JWT token, jwt plugins decode the token to get the key and then read the secret key mapped to it from cache/database.
We have a use case where one consumer have 52 million credentials(52 million records in the jwt_secrets table against one consumer) and this still growing.
For this size of large-scale, having the different secret per key would be ineffective for JWT validation.
Is there any way like having a single master secret key to validate all the jwt tokens or at least tokens issued for one consumer. Is this practical?