-
# Bug Report
There are issues here and there with the OIDC/OAuth implementation that you can find reports on in numerous tickets. The biggest issue is, that the logs give you no feedback on what is…
-
In the codebase we have OAuth2 Implicit Grant (src/Server/Grants/OAuth2ImplicitGrant.php), which is triggered by 'response_type' = 'token' param request on authorization endpoint.
This is not OIDC …
-
**Is your feature request related to a problem? Please describe.**
When user trying to login using OAuth2 client, he sees three screens:
- authpicker page
- login page
- grant page
First…
-
Currently, Client credentials, Authorization code and Implicit flow are supported. Please add support also for password flow. The required fields would be all the fields in Client credentials flow + u…
-
I was not able to find whether the test engine can already send access tokens to the system under test. As enterprise systems usually do not even offer the option to interact without any kind of authe…
-
**Please describe feature/problem details and the solution you'd like.**
We use a custom authorization header instead of `Authorization`, which means when we use the oAuth2 flow, we have to manually …
-
### Feature Request / Improvement
There have been a few very valuable discussions on AuthN in the Iceberg Mailing list initiated by the Nessie Team resulting in https://github.com/apache/iceberg/pull…
-
OAuth defines client credentials flow as a means of obtaining access token on behalf of the client application, without end-user authentication. This token is used for M2M requests, like an API key.
…
-
**Describe the bug**
The OAuthgrant filter requires a tokeninfo URL which is only called by a GET [request.](https://github.com/zalando/skipper/blob/master/filters/auth/authclient.go#L111) However so…
-
I'm trying to implement [Security Bootstrapping](https://w3c.github.io/wot-discovery/#exploration-secboot) using the OAuth2 code flow.
The WoT Discovery specification says "Security bootstrapping M…