Project

General

Profile

Actions

Bug #26071

open

Default configuration for user API tokens should be disabled for OIDC and OAuth2

Added by Clark ANDRIANASOLO 7 days ago. Updated 7 days ago.

Status:
Pending release
Priority:
N/A
Category:
Security
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
First impressions of Rudder
Effort required:
Very Small
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

In parent ticket we added the feature to disable/enable the API token, but it remained always enabled by default : rudder.auth.oidc.userRestToken=enabled
For security reasons, we want to make it disabled by default for OIDC/OAuth2

Actions

Also available in: Atom PDF