Details

    • Type: Sub-Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: 1.0-portal_7.1.0
    • Component/s: None
    • Labels:
      None
    • Sprint:
      August_Appliaction Security

      Description

      A confirmation box screen used from OAUTH2-78 to reset OAuth2 Application client_secret field to a new secure random value.

      The confirmation box should clearly state that:

      • existing remote clients can no longer use the old client secret in supported OAuth2 grant processes to grant new tokens (Authorization Code, Resource Owner Password Credentials, Client Credentials)
      • existing granted tokens remain valid, to revoke all tokens application must be deleted

       

      The screen must show the new value of client_secret that will be used for the application. The client_secret should be generated on server using secure random generator.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Packages

                  Version Package
                  1.0-portal_7.1.0