Skip to content

3.0.0
Compare
Choose a tag to compare
@sei-ebram sei-ebram released this 20 Apr 14:55
· 21 commits to main since this release
3.0.0
3c0549f

There are no fix details or known issues to report in version 3.0.0.

Enhancement Details

Breaking Change!

In the Identity server, the use of implicit flow is no longer recommended for OAuth 2.0 clients. The current recommendation is to use authorization code flow and PKCE. This change makes the default deployment authorization code.

System administrators must adjust the IdentityServer client for this application to use Authorization Code flow with PKCE instead of the implicit flow.

Administrators will need to add a TokenUrl to the appsettings in the following format:

"Authorization": {
    "TokenUrl": "https://<identity_server_url>/connect/token",
}

Note: If this breaking change is not made, then Alloy.Api can't properly authenticate with IdentityServer.

Assets 2
Loading