Andrea Ceccanti

Is there a plan to provide a fix for this issue?

CIao Stefano, thanks. Yes this is a known issue, with an easy workaround: click on the table headers to trigger a sorting of the records (e.g., the name column) and...

Ok, adding this to the 1.6 backlog

Does #330 fix this as well? It's now possible to have a login page that looks like this: 

The device endpoint on IAM currently requires FORM authentication. So just dropping the basic authorization header should solve your issue.

I got a bit confused. Are we talking about the token or the devicecode endpoint? The /devicecode endpoint actually requires basic authentication AFAIU. The /token endpoint supports both basic and...

> But I think the token endpoint should accept basic auth in the header also for requests that are part of the device flow. if the client is configured to...

The basic auth filter comes first, the form auth second. Ideally the form shouldn't mess with the basic auth, but in practice if you include `client_id` IAM thinks you're using...

yeah, that's the default device code approval shown by MitreID Connect that I also find suboptimal from an UI point of view, and we have in the backlog to improve...

btw: the context is mostly known **after** having entered the code