How can /api/auth be secured? #10948
Unanswered
rikyreas14
asked this question in
Other
Replies: 1 comment
-
|
We cannot suggest much since you haven't explained what you consider sensitive or why. We do not guess in this community. OAuth 2 and OpenID Connect generally have well known API endpoints used for discovery and and different workflows where different parties (tools, libraries) involved may or may not have a way to authenticate with each other using an "out of band" mechanism. If you want to protect a certain API endpoint, you can put a proxy in front of it and restrict network access to the endpoint that way. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Describe the bug
If I integrate rabbitmq with azure /api/auth is exposing sensitive data through non-secured apis
Reproduction steps
3.access /api/auth
...
Expected behavior
is there any workaround or we can add security to api/auth
Additional context
No response
Beta Was this translation helpful? Give feedback.
All reactions