forgejo_a_10.0.1/release-notes/4724.md
David Rotermund 3ce683f79b
Some checks failed
Integration tests for the release process / release-simulation (push) Has been cancelled
Init
2025-02-23 03:12:21 +01:00

1 line
359 B
Markdown

OIDC integrations that POST to `/login/oauth/introspect` without sending HTTP basic authentication will now fail with a 401 HTTP Unauthorized error. To fix the error, the client must begin sending HTTP basic authentication with a valid client ID and secret. This endpoint was previously authenticated via the introspection token itself, which is less secure.