Overview
If a request is made to https://<mytenant>.auth0.com/<randomstring>/oauth/token, the request is still successful.
This article explains this behavior.
Applies To
- Tokens
- Requests
Solution
This is expected behavior and has been kept for historical reasons. This behavior can be ignored entirely, as there is no security impact, and all the same protection mechanisms apply.