I am currently doing some bug fixing on an integration we have built, and I am experiencing some weird behavior from the secure proxy (I think).
What happens is that after I have updated the settings through API with null values, it still manages to make secure requests to a third party, with a valid access token. This should not be possible since I just removed the token.
I am running the app locally, connected to a private app with a .zat file and --app-id argument on zat server.
Am I doing something wrong, or might this be a bug?