-
**Expected Behavior**
A POST /authorize without the `openid` scope should be accepted by the authorization server
**Current Behavior**
A POST /authorize without the openid scope returns a 404 wit…
-
**Problem description**
While discussing another [issue](#191 ), it was found that ICM participants have different interpretations on whether the CAMARA-API-access-and-user-consent.md and CAMARA-Secu…
-
### Validations
- [X] I believe this is a way to improve. I'll try to join the [Continue Discord](https://discord.gg/NWtdYexhMs) for questions
- [X] I'm not able to find an [open issue](https://githu…
-
-
Currently, pRMT utilizes [ManagementPortalLoginManager](https://github.com/RADAR-base/radar-commons-android/blob/master/radar-commons-android/src/main/java/org/radarbase/android/auth/portal/Management…
-
### BC Idea Link
https://experience.dynamics.com/ideas/idea/?ideaid=c432a449-f9e5-ee11-a73d-6045bdb71da1
### Description
Provide support for Authorization Code Flow with PKCE by adding overloads or…
-
**Problem description**
With issue #145 it was agreed to allow using the operator token for device authentication by passing this token as value in the /bc_authorize request as 3rd option for -loginh…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Current behavior
When I generate code snippets for a request that has inherited it's `Authorization` header, I…
-
# OIDC Flow
## As-is Situation
Currently authorino is able to authenticate requests based on provided credentials by extracting them from the ext auth check request.
i.e extracting an jwt from th…
-
In the OAuth 2.0 Authorization Code Flow, certain Identity Providers like Microsoft require specific headers during the access token call. Without these headers, requests fail with errors like AADSTS9…