Problem statement
This article details an issue where users see an increase in the number of failed login attempts with a description message “missing client parameter” and the log message is not clear.
Cause
This error occurs when the client is missing when visiting /login.
Solution
This can occur if users are hitting /login directly rather than going through /authorize. To avoid this, ensure that applications are only initiating logins via /authorize.
In the case where users may visit /login themselves, this can be solved by configuring a default login route. For more information, refer to Configure Default Login Routes.