You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should consider erroring and telling applications to change basic to client_secret_basic and post to client_secret_post.
(Note: this could also be done in Spring Boot possibly, though I think we should first consider doing it in Spring Security since we can catch more misconfigurations that way)
Questions like https://stackoverflow.com/questions/75224023/spring-oauth2-login-not-working-after-migrating-to-spring-boot-3 indicate that it's not clear that
clientAuthenticationMethod: basic
is no longer a supported value forClientAuthenticationMethod
.We should consider erroring and telling applications to change
basic
toclient_secret_basic
andpost
toclient_secret_post
.(Note: this could also be done in Spring Boot possibly, though I think we should first consider doing it in Spring Security since we can catch more misconfigurations that way)
Related to https://docs.spring.io/spring-security/reference/5.8/migration/servlet/oauth2.html#_clientauthenticationmethod
The text was updated successfully, but these errors were encountered: