NGINX introspection endpoints moved from public API (port 3081) to private API (port 8900). This is a security fix - Nginx introspection is for internal use only!
NGINX introspection endpoint paths changed so that all start with /nginx/introspect for easier filtering (see below for updated paths).
Batman NGINX introspection method changed to POST (unification with all the other introspection endpoints).
Migration
In your NGINX configuration, simply replace the old paths with the new ones:
OLD endpoint
NEW endpoint
POST {PUBLIC_API}/openidconnect/introspect/nginx
POST {PRIVATE_API}/nginx/introspect/openidconnect
POST {PUBLIC_API}/cookie/nginx
POST {PRIVATE_API}/nginx/introspect/cookie
POST {PUBLIC_API}/cookie/nginx/anonymous
POST {PRIVATE_API}/nginx/introspect/cookie/anonymous
POST {PUBLIC_API}/m2m/nginx
POST {PRIVATE_API}/nginx/introspect/m2m
PUT {PUBLIC_API}/batman/nginx
POST {PRIVATE_API}/nginx/introspect/batman
Backwards compatibility
To keep the old public endpoints available while you transition to the new private ones, use the following config option:
Note that this setting should be used only temporarily for the period of migration, to minimize the impact to network traffic. This functionality will be removed soon.
this is a post-fix to #301
Breaking changes
/nginx/introspectfor easier filtering (see below for updated paths).Migration
In your NGINX configuration, simply replace the old paths with the new ones:
Backwards compatibility
To keep the old public endpoints available while you transition to the new private ones, use the following config option:
Note that this setting should be used only temporarily for the period of migration, to minimize the impact to network traffic. This functionality will be removed soon.