Jenkins / JENKINS-50564

Something is blowing away our GitHub API quota in minutes by spamming requests to /user, /user/teams, and /user/orgs


    • Type: Bug
    • Resolution: Not A Defect
    • Priority: Critical
    • None
    • Jenkins 2.107.1
      github-branch-source-plugin 2.3.3

      We have a GitHub organization with about 100 users and 163 repos. There's a fair amount of traffic here, with many PRs being built daily. We have webhooks enabled to our Jenkins instance and have disabled all repo scanning / SCM polling.

      We've been experiencing rapid drains of our GitHub API quota and queried GitHub to determine the source of the calls. 75% of our hourly quota is being burned by calls to the following endpoints by what I presume is the Branch Source Plugin:

      /user
      /user/teams
      /user/orgs

      This past week I've seen the quota drained to zero from 3000 in mere minutes when several PRs are being built at once. The API drain seems worse around PRs.

      This seems like a caching problem, in that I imagine there isn't any. A configurable credentials cache would reduce fully 75% of our API quota usage by the numbers I've been shown.

      As it is the plugin doesn't seem to scale well for large orgs. It is becoming unusable.

      Please see the attached conversation with GitHub Support for stats. The top three are just crazy compared to our other traffic.

      Edit: I just had a thought. We are also using the GitHub Authentication plugin. Is there a way to determine definitively which of these two plugins is making these calls? Happy to do some debugging and digging if necessary.

            Assignee: Unassigned
            Reporter: David Sanftenberg (dbsanfte)
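The report proposes a configurable cache for the /user, /user/teams and /user/orgs lookups. The following is an added example, not code from the reporter or from either plugin: it replays a constructed workload against a stub API and compares upstream call counts with and without a per-token TTL cache. `CountingStub`, `IdentityCache`, `simulate` and the token strings are hypothetical names and values chosen for this illustration.

```python
import hashlib
import time
from collections import Counter

ENDPOINTS = ("/user", "/user/teams", "/user/orgs")  # the three endpoints named in the report

class CountingStub:
    """Hypothetical stand-in for the GitHub API: counts calls, makes no network requests."""
    def __init__(self):
        self.calls = Counter()

    def get(self, token, path):
        self.calls[path] += 1
        return {"path": path}

class IdentityCache:
    """TTL cache for per-token identity lookups (hypothetical helper, not plugin code)."""
    def __init__(self, api, ttl_seconds, clock=time.monotonic):
        self.api, self.ttl, self.clock = api, ttl_seconds, clock
        self._entries = {}  # (token digest, path) -> (expiry, value)

    @staticmethod
    def _digest(token):
        # Key on a digest so raw tokens are not held as dictionary keys.
        return hashlib.sha256(token.encode()).hexdigest()

    def get(self, token, path):
        key, now = (self._digest(token), path), self.clock()
        entry = self._entries.get(key)
        if entry and now < entry[0]:
            return entry[1]  # still fresh: no upstream call
        value = self.api.get(token, path)
        self._entries[key] = (now + self.ttl, value)
        return value

    def invalidate(self, token):
        # Call on logout or token revocation so stale team/org data is not reused.
        digest = self._digest(token)
        for key in [k for k in self._entries if k[0] == digest]:
            del self._entries[key]

def simulate(ttl_seconds, events):
    """Replay (time, token) events, each doing all three lookups; return upstream call count."""
    api, now = CountingStub(), [0.0]
    cache = IdentityCache(api, ttl_seconds, clock=lambda: now[0])
    for t, token in events:
        now[0] = t
        for path in ENDPOINTS:
            cache.get(token, path)
    return sum(api.calls.values())

# Constructed workload: two tokens, one authenticated request every 10 s for 10 minutes.
EVENTS = [(t, tok) for t in range(0, 600, 10) for tok in ("token-a-constructed", "token-b-constructed")]
```

The TTL is also the longest time a removed team or organization membership keeps being honoured from cache, so it should be chosen with revocation in mind and paired with `invalidate` on logout.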