App registration - API Keys expiration
as other suggest (e.g. https://cloud.google.com/docs/authentication/api-keys) it appears as good security practice to recreate the API keys of a service principal. Would it be an option to enforce the maximum expiration to 1 or 2 years and restrict the usage of "never expires"?
We are offering deals on United Kingdom's unobtrusive hoverboards, UK Safe Segways as a humble retailer distributer supplier for hoverboards in uk .