Closed jpadilla closed 3 years ago
Verify token issuer against AUTH0_RTA value stored in extension secret.
https://auth0team.atlassian.net/browse/SEC-530
✅ This change has been tested in a Webtask
🚫 This change has unit test coverage
🚫 This change has integration test coverage
🚫 This change has been tested for performance
✅ This can be deployed any time
In order to verify that the deployment was successful we will use reproduction instructions from SEC ticket.
We will rollback if access or functionality to extension is affected.
Explain how the rollback for this change will look like, how we can recover fast.
Note to reviewers: ensure that this change is compatible with the Appliance.
✏️ Changes
Verify token issuer against AUTH0_RTA value stored in extension secret.
🔗 References
https://auth0team.atlassian.net/browse/SEC-530
🎯 Testing
✅ This change has been tested in a Webtask
🚫 This change has unit test coverage
🚫 This change has integration test coverage
🚫 This change has been tested for performance
🚀 Deployment
✅ This can be deployed any time
🎡 Rollout
In order to verify that the deployment was successful we will use reproduction instructions from SEC ticket.
🔥 Rollback
We will rollback if access or functionality to extension is affected.
📄 Procedure
🖥 Appliance
Note to reviewers: ensure that this change is compatible with the Appliance.