You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think I have an odd edge case here. We are working on an iOS app using the http-bearer authentication method + trying to link facebook-token passports together.
When we make a request we would like to pass the bearer auth token to prove a user is logged in and then attach and approve a facebook-token strategy.
I noticed this library sends a 400 if you have a header token + an access_token on the body of a post.
Is this a security issue of not allowing both since 2 potential tokens could be sent? Whats the work around if any?
The text was updated successfully, but these errors were encountered:
I think I have an odd edge case here. We are working on an iOS app using the http-bearer authentication method + trying to link facebook-token passports together.
When we make a request we would like to pass the bearer auth token to prove a user is logged in and then attach and approve a facebook-token strategy.
I noticed this library sends a 400 if you have a header token + an access_token on the body of a post.
Is this a security issue of not allowing both since 2 potential tokens could be sent? Whats the work around if any?
The text was updated successfully, but these errors were encountered: