Yes, exactly. Still, the apps will need to store them 
I wonder what the most efficient key expiry method might be. In theory, it could be a minimal HEAD (sort of like how cache header expiry works for HTTP objects).
So, there’s been a bunch of activity in the background, 2 funding grant applications are out and with the assistance of @mad_dev we’ve got the first navigable sketches of an api up. Swagger UI
I’m still working on getting it into a repo for all to work with, but should be up in the next couple of days.
@mad_dev also mentioned Piepmatz as a new contender for funding api usage. I’d appreciate all suggestions for APIs that might benefit from this approach.