Closed

External Provider API is exposing key value #2743

0

shobhit created 2 years ago

ABP Framework version: v4.2.2
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): yes
Exception message and stack trace:
Steps to reproduce the issue:"

access api url: https://myapi.com/api/account/external-provider/by-name?Name=<provider> like Google
user can get all details about external provider configuration
this is not secured

1 Answer(s)

0

maliming created 2 years ago
Support Team Fullstack Developer

user can get all details about external provider configuration

these are public info not including the secrets.

Have an answer to this question? Log in and write your answer.

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11