v2.3.15

When both JWT and security key authentication are enabled, JWT now takes precedence. This standardizes behavior, reduces ambiguity for clients, and aligns with common enterprise security practices.

Details

• No change if only one method is in use
• For deployments using both, ensure clients present a valid JWT after upgrade
• Improves governance and reduces authorization edge cases

Who this is for: Security and platform administrators, API consumers, and teams operating shared gateways.