ENXF NET
Administrator
Staff member
Administrator
Moderator
+Lifetime VIP+
S.V.I.P.S Member
S.V.I.P Member
V.I.P Member
Collaborate
Registered
- Joined
- Nov 13, 2018
- Messages
- 32,362
- Points
- 823
Reputation:
This is gray on a feature ask vs bug, but hoping I can sneak it into the bug fix bucket as a potential security improvement.
Ask: Support
TLDR: Apps that use XenForo as an OAuth2 provider currently have no way to force a fresh login. If a user "logs out" of the app and tries to sign back in, they get silently...
Read more
Continue reading...
Ask: Support
prompt=login (and ideally max_age=0) at the OAuth2 authorization endpoint (e.g. /oauth2/authorize endpoint) so relying parties can force re-authenticationTLDR: Apps that use XenForo as an OAuth2 provider currently have no way to force a fresh login. If a user "logs out" of the app and tries to sign back in, they get silently...
Read more
Continue reading...