-
The OpenID flow redirects to a page with the auth_token.
As @magopian pointed out, it is a best practice to not store the token on the client side.
The [experts told us](https://auth0.com/docs/s…
Natim updated
2 months ago
-
Here https://github.com/Kinto/kinto/blob/master/kinto/plugins/default_bucket/__init__.py#L172
We are using the same secret as the BasicAuth plugin.
We should fallback to the basic auth secret but we …
Natim updated
2 months ago
-
**Steps to reproduce**
_docker run -p 8888:8888 kinto/kinto-server_
Running kinto 14.0.1.dev0.
Request
```
GET /v1/permissions?_since=6148&_token= HTTP/1.1
Host: 127.0.0.1:8888
```
Response
…
-
In the docs, we can read:
> «If [the specified timestamp] is in the past, the record is created with the timestamp in the past but the list timestamp is bumped into the future as usual.» [source](h…
-
See https://github.com/Kinto/kinto-admin/pull/509#pullrequestreview-108359050
When authenticating using openID Connect, the headers that are sent to the kinto server are using `Bearer`, which is ha…
-
Note that having more atomic endpoints/methods for dealing with perms update might greatly help, and this is currently discussed in https://github.com/Kinto/kinto/issues/458.
n1k0 updated
2 months ago
-
This is on kinto-admin v1.21.0 with kinto 11.0.0
-
Here for example, the collection is read-only, but it looks like the actions on records are available:
-
I'm trying to get Kinto to run in a development setup with docker, OpenID (Authentik for now) and behind SSL. However, that requires the kinto application running in the container to trust the ssl cer…
-
In service to sync, implement the basic communications between the on-device cache and the remote kinto service.
The intent is to:
* retrieve records from the remote service and apply them locally…