How do you know that your author has only 320GB? Did you use the DiskUsage report to determine this? In any case: can you relate this growth of the Datastore to any event? Is it increasing every day (no matter what you are doing) by 1GB? Is it increasing when you deploy?  

Hi, when you mean "Adobe cloud", what exactly do you mean with that? Is it the SDK or a DEV environment in the cloud? I assume SDK because you mention "unsatisfied" because you cannot access the OSGI webconsole in the DEV console and that's the only way to get this information.But when you open loca...

That does not help, because it can easily be spoofed. I just record a request in the browser and then send the same request (including all parameters) using curl. In this case it's not possible to distinguish curl from the browser running your FE application. If your backend requires authentication ...

So when you execute the dataStoreGC it does not clean up any binaries? Is this the reason why you want to find out the unused binaries? In that case I would raise a support ticket first. Do you regularly execute the revision cleanup on all nodes? This is a prerequisite that the datastoreGC is able t...

There is no other way, you need to run the Datastore GC to identify all used blobs and then let it clear all unused ones. 

No, it is not possible. If you want to your SPA to authenticate at AEM (the SPA, not the user!) then you need to store some token within the SPA which is then used for authentication. But everyone can extract that token and use it outside of the SPA. If your content is publicly available, you cannot...

I don't think so, this is the active queue and job definitions are stored there. They will be removed when the job has completed.

Why does the datastore GC process not work for you? I am not aware of any other way to do it.

It's a Sling job, so its payload should be stored. I would check in/var/audit/com.day.cq.replication/etc/d8a323ac-6c3c-4ca0-b848-dc86533f812c/and/var/eventing/jobs/assigned/319d72ae-89e3-4a79-ab7b-e2e767500a08/ref-updater.update/2022/6/14/18/41/319d72ae-89e3-4a79-ab7b-e2e767500a08_22384

When you write "authentication service to validate the frontend/external application", does that mean that the user (which is using this frontend application) is not required to authenticate, but only the application itself? In other words, do you want to only your frontend application can access AE...