Details
-
Task
-
Resolution: Fixed
-
Major - P3
-
None
-
None
-
None
-
Minor Change
-
Security 2023-04-03
Description
We should not accept a Client Secret in our OAuth2 configuration. We are a public client, so we should not allow the Authorization Server to allocate a secret and potentially believe we are a confidential client.