Authentication method

Anup · January 3, 2024, 11:40am

As per this link we need to set the authentication method to ‘None’ to resolve teh ‘unauthorized’ issue. Token Endpoint Authentication Method Post vs None

What’s the purpose of authentication method and what is the downside to setting the value to None.

tyf · January 3, 2024, 11:37pm

Hey there @Anup!

I’ll echo the question with regards to what is your use case and what type of application (SPA, web, etc.) are you using?

The token endpoint authentication method determines how a client authenticates with the token endpoint - The ‘none’ method is essential for applications where storing credentials isn’t feasible (public clients). Other security mechanisms like PKCE and strict redirect URI validation are used to ensure the security of the OAuth flow.

system · January 17, 2024, 11:37pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Security risk with authentication method being none Help dashboard , admin-management	2	345	April 24, 2024
Authentication method misunderstnading Help login-experience , new-universal-login-experience	2	14	October 2, 2024
Token Endpoint Authentication Method Help login-experience , new-universal-login-experience	2	1540	December 26, 2023
Getting token via Resource Owner Password without client secret Help	8	7916	April 17, 2019
How can I enable OTP password on a singel page application? Help classic-universal-login-experience , login-experience	2	15	September 7, 2024

Authentication method

Related Topics