Currently when following the /auth flow through authenticator the Consent Artifact is actually taken from the body and not from database or token in gatekeeper which leads to anyone changing the artifact permissions according to their will irrespective of the consent granted from the user.
Currently when following the
/auth
flow through authenticator the Consent Artifact is actually taken from the body and not from database or token in gatekeeper which leads to anyone changing the artifact permissions according to their will irrespective of the consent granted from the user.