KEYCLOAK-14019 Improvements for request_uri configuration
(cherry picked from commit c6f2e456f531c4dbe4cae7fc4c209744223a462b)
parent
9a21c9cb05
commit
9f4b766a9f
1 changed files with 10 additions and 0 deletions
|
@ -1,5 +1,15 @@
|
|||
== Migration Changes
|
||||
|
||||
=== Migrating to 12.0.2
|
||||
|
||||
==== Valid Request URIs
|
||||
|
||||
If you use the OpenID Connect parameter `request_uri`, a requirement exists that your client needs to have `Valid Request URIs` configured.
|
||||
This can be configured through the admin console on the client details page or through the admin REST API or client registration API. Valid Request URIs need
|
||||
to contain the list of Request URI values, which are permitted for the particular client. This is to avoid SSRF attacks. There is possibility to use wildcards
|
||||
or relative paths similarly such as the `Valid Redirect URIs` option, however for security purposes, we typically recommend to use as specific value
|
||||
as possible.
|
||||
|
||||
=== Migrating to 12.0.0
|
||||
|
||||
==== Upgrade to Wildfly 21
|
||||
|
|
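Review bot: The new "Valid Request URIs" paragraph under "Migrating to 12.0.2" says the setting is required but not what happens on upgrade to an existing client that sends `request_uri` without it. Since this is a migration note, state the resulting behaviour explicitly (for example, that such requests are rejected until the list is configured), and name the client attribute to set through the admin REST API or client registration API, so that operators can script the change. The SSRF sentence would be clearer if it said why the list matters: the server fetches the URL given in `request_uri`, so an unrestricted value lets a caller choose the address the server connects to. The sentence "There is possibility to use wildcards or relative paths similarly such as the `Valid Redirect URIs` option" also needs a grammar pass, for instance "Wildcards and relative paths are supported, as with the `Valid Redirect URIs` option; however, for security purposes we recommend using values that are as specific as possible."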