October 22, 2024
Chicago 12, Melborne City, USA
OiO.lk Blog security Is exposing Authority, ClientID and Scope through unprotected endpoint secure?
security

Is exposing Authority, ClientID and Scope through unprotected endpoint secure?

  • by
  • October 17, 2024
  • 0 Comments
  • Less than a minute
  • 6 Views
  • 6 days ago


Recently I found an unprotected endpoint in BFF API that exposes:

  • ClientId
  • Scope
  • Authority

Frontend consuming this endpoint uses this response to kick off AuthorizationCode + PKCE flow.
Is this secure?



You need to sign in to view this answers

Share This Post:

Leave feedback about this

  • Quality
  • Price
  • Service

PROS

+
Add Field

CONS

+
Add Field
Choose Image
Choose Video

Related Post

jQuery

Bootstrap mulitselect selected items not working after AJAX call

October 22, 2024
HTML

How to make infinite repeating popups on click in

October 22, 2024
Android

Cannot click on button in CollectionView in MAUI App

October 22, 2024
PHP

How to retrieve che correct date column from custom

October 22, 2024
C#

Is it possible to create a large array in

October 22, 2024
java

ERROR Connection to localhost:5432 refused

October 22, 2024