8000 More secure call of Facebook debug token · Issue #40926 · keycloak/keycloak · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
More secure call of Facebook debug token #40926
New issue
New issue
Closed
#40927
Closed
More secure call of Facebook debug token#40926
#40927
Assignees
mposolda
Labels
area/token-exchange/federatedIssues related to federated token exchange (external-internal or internal-external)kind/enhancementCategorizes a PR related to an enhancementrelease/26.4.0team/core-clients
@mposolda

Description

@mposolda
mposolda
opened on Jul 4, 2025

Description

The request to Facebook debug token during external-internal token exchange request for V2 is called by using GET method and adding client credentials and input_token inside the GET request parameters. Could we make this a bit more secure and avoid confidential data in the GET request parameters? Perhaps in the HTTP headers or POST request body?

Discussion

No response

Motivation

No response

Details

No response

Metadata

Metadata

Assignees

Labels

area/token-exchange/federatedIssues related to federated token exchange (external-internal or internal-external)kind/enhancementCategorizes a PR related to an enhancementrelease/26.4.0team/core-clients

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    0