OiO.lk Blog security Is exposing Authority, ClientID and Scope through unprotected endpoint secure?
security

Is exposing Authority, ClientID and Scope through unprotected endpoint secure?

  • By admin
  • October 17, 2024
  • 0 Comments
  • Less than a minute
  • 6 Views
  • 6 days ago


Recently I found an unprotected endpoint in BFF API that exposes:

  • ClientId
  • Scope
  • Authority

Frontend consuming this endpoint uses this response to kick off AuthorizationCode + PKCE flow.
Is this secure?



You need to sign in to view this answers

Leave a Comment

Related Post

jQuery

Django + jQuery: No Image Provided Error with 400

October 22, 2024
HTML

Why is the JavaScript Variable not showing on the

October 22, 2024
Android

Is it better to store multiple image sizes in

October 22, 2024
PHP

Filament 3: TextInput numeric field truncating large numbers to

October 22, 2024
C#

Creating a time based system—hours minutes seconds

October 22, 2024
java

Login servlet app with session and cookies

October 22, 2024
Exit mobile version