Andrea Aime created an issue |
OpenId connect authorization fails when the authentication token is too large |
Issue Type: |
Bug |
---|---|
Assignee: |
Unassigned |
Components: |
Community modules |
Created: |
10/Feb/21 12:56 PM |
Priority: |
Medium |
Reporter: |
Currently the token is added as a query parameter in the callback to “userinfo”, but that can cause the URL to become too long. The standard recommends to use a HTTP header instead, which while having size restrictions also, has at least significantly larger ones compared to the URL length. |
Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS |
|
This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100154-sha1:7cdb571) |