Mister Miyagi
Results
2
issues of
Mister Miyagi
When passing invalid client credentials (either client_id or client_secret) when requesting an access token, instead of returning a 400 response code, it should be returning a 401 response code for...
When you are using the UserCredentials grant, the default TokenController doesn't check if Client Credentials user_id matches with UserCredentials user_id. This means when you are requesting a token you can...