-
-
Since I lost tons of time doing **tymon/jwt-auth** work in my application, I decided to share my code in this walkthrough.
**FOR LARAVEL:**
Add `"tymon/jwt-auth": "1.0.0-rc.1"` to **composer.jso…
-
Hey hey RESTler Team,
is it possible to let RESTler know which authentication it will use for a given request.
In our case, the same API uses both Bearer Authentication as well as Basic Authenti…
-
When I try to use the standard JWT header:
"Authorization":"bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9....",
it returns me
`jwt.exceptions.DecodeError: Invalid header padding`
However after I re…
-
Hello! Is there any way to change the error messages when there is no header and when the token is not valid? Currently the messages are the following
```js
{
"message": "authorization header…
-
Some applications may want to authorize user input using multiple bearer tokens, for example an identity and an MAA token.
While there is no standard way to do that, we could support a slightly ext…
-
**Expected Behavior**
[RFC 9126](https://datatracker.ietf.org/doc/html/rfc9126) introduces pushed authorization requests (PAR) for OAuth. In essence, pushed authorization requests allow the client …
-
We did some research into the best approach for handling logouts securely. Ticket [#43
](https://github.com/CDLUC3/dmsp_backend_prototype/issues/43). Please refer to the comments in that ticket for …
-
**NOTE**: Please test in a least two browsers (i.e. Chrome and Firefox). This
helps with diagnosing problems quicker.
# Setup
> Please provide the following details, the more info you can provi…
-
Section 5.3 [Identity Assertion Authorization Grant JWT](https://datatracker.ietf.org/doc/html/draft-parecki-oauth-identity-assertion-authz-grant#name-identity-assertion-authoriz) says that the IdP sh…