You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for your issue.
You are right. This needs to be changed. This will required a bit of rework to allow 500 in some cases and 401 in majority.
I don't know when I will have the time to do it sorry.
Describe the bug
When JWT authorization validation fails, the HTTP response status is 500 instead of the standard 401.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Whenever authorization fails, the response status should be set to 401, since it is not a server side error at all.
The same applies to any other concrete JWT validation error case, e.g.:
Screenshots
Example for a wrong issuer:
Version and platform (please complete the following information):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: