Closed ghost closed 5 years ago
A proposal for an access denied redirect - distinct from the existing redirect parameter in that it will not be triggered by authentication failures (missing/invalid/expired token), but only authorization failures (unmatched claims).
redirect
A proposal for an access denied redirect - distinct from the existing
redirect
parameter in that it will not be triggered by authentication failures (missing/invalid/expired token), but only authorization failures (unmatched claims).