I’m just starting out in my keycloak journey but I found something that looked very dubious to me. I create a client for my realm, users etc and tested this authorised my app ok - which it did just fine. Let’s say my client id was called OLD_NAME I then changed the id to NEW_NAME in Keycloak admin and tried again. I was able to login by passing a client_id of either OLD_NAME or NEW_NAME. I did not expect that, surely if I changed the Client Id, then old id should no longer work correctly ? Does Keycloak do some sort of caching of Client IDs?