Please refer to lengthy discussions on
MB-41596. Since lcb 3.x dropped the caching of cbauth creds (which is present in 2.x) and eventing started maintaining the cache, a hint/flag is required in dynamic auth API to indicate to eventing (or any process that integrates lcb) to invalidate any cached creds on auth failures within lcb. Implementors of the API may or may not use the flag depending on whether they are caching creds or not.
It will be very useful for eventing to avoid any regressions between 6.6.x & 7.x and remain functionally equivalent till an ideal solution which involves cbauth notifying listeners on creds change in available.
In addition GetUsername() & GetPassword() APIs can both be collapsed into a single GetUserNameAndPassword(void cookie, const char *host, const char *port, const char *bucket, *bool invalidate) API.