Squid maintains a cache of proxy authentication usernames and credentials. Squid periodically removes unused entries to keep memory usage down. This directive specifies how long Squid keeps entries in the proxy authentication username cache. A user's TTL is extended each time Squid receives a request from that user.

This directive doesn't determine how long credentials remain valid. It only affects whether or not an entry is removed from the username cache. Squid may decide to revalidate the credentials of a user that is in the cache. Each authentication scheme has its own way of determining when to revalidate credentials with the external helper.


authenticate_ttl time-specification


authenticate_ttl 1 hour


authenticate_ttl 30 minutes


authenticate_cache_garbage_interval, auth_param

    Appendix A. Config File Reference