product-is
showAuthFailureReason not honoured in password grant
Describe the issue: In the WSO2 IS, we can set the showAuthFailureReason to true to show the authentication failure reason in the browser-based login flows. However, this flow is not honoured in the password grant, and the password grant will always show the authentication failure reason regardless of the showAuthFailureReason value.
```toml
[authentication.authenticator.basic.parameters]
showAuthFailureReason = true
```
How to reproduce:
- Try the password grant with a locked user account.
- It will respond saying the account is locked regardless of the showAuthFailureReason value.
Expected behavior: Showing authentication failure should be consistent across all the login flows including the password grant.
Environment information:
- Product Version: IS 5.10.0
Note: this should be fixed by providing an additional config to support the password grant, to avoid any behavioral changes.
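
A regression check for the consistency described in this issue, added here as an example and not part of the original report or of WSO2 IS: it compares password grant error responses for a wrong password and for a locked account, and flags any field that tells the two apart when showAuthFailureReason is off. The function names and the sample responses are assumptions; the responses are constructed in the OAuth 2.0 error format (HTTP 400 with `error` and `error_description`), and their description strings are illustrative, not actual product output.

```python
import json

# Constructed (status, body) pairs per scenario; descriptions are illustrative only.
SAMPLE_LEAKY = {
    "wrong_password": (400, '{"error":"invalid_grant",'
                            '"error_description":"Authentication failed for user"}'),
    "locked_account": (400, '{"error":"invalid_grant",'
                            '"error_description":"Account is locked for user"}'),
}
SAMPLE_UNIFORM = {
    "wrong_password": SAMPLE_LEAKY["wrong_password"],
    "locked_account": SAMPLE_LEAKY["wrong_password"],
}

FIELDS = ("status", "error", "error_description")


def fingerprint(status, body):
    """Reduce a token-endpoint response to what a client can observe."""
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None
    if not isinstance(doc, dict):
        # Non-JSON or unexpected body: compare the raw text instead.
        return (status, None, body.strip())
    return (status, doc.get("error"), doc.get("error_description"))


def disclosed_differences(responses, baseline="wrong_password"):
    """Map each scenario to the fields that differ from the baseline failure."""
    base = fingerprint(*responses[baseline])
    diffs = {}
    for name, resp in responses.items():
        changed = [f for f, a, b in zip(FIELDS, base, fingerprint(*resp)) if a != b]
        if name != baseline and changed:
            diffs[name] = changed
    return diffs


def check_flow(show_auth_failure_reason, responses):
    """True when the responses are consistent with the configured flag."""
    # With the flag on, distinct reasons are allowed; with it off, none may differ.
    return show_auth_failure_reason or not disclosed_differences(responses)
```

In a real test the two responses would be captured from the token endpoint with the flag set to false, then passed to `check_flow(False, responses)`.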