Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Typo in the word vulnerable #34596

Closed
sk-shahnawaz opened this issue Jan 30, 2025 · 1 comment
Closed

Typo in the word vulnerable #34596

sk-shahnawaz opened this issue Jan 30, 2025 · 1 comment
Labels
aspnet-core/svc security/subsvc Source - Docs.ms Docs Customer feedback via GitHub Issue ⌚ Not Triaged

Comments

@sk-shahnawaz
Copy link
Contributor

sk-shahnawaz commented Jan 30, 2025
edited by dotnetrepoman bot
Loading

Description

Section link: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/configure-jwt-bearer-authentication?view=aspnetcore-9.0#never-create-an-access-token-from-a-usernamepassword-request

Content:

You should NOT create an access token from a username/password request. Username/password requests aren't authenticated and are vunerable to impersonation and phishing attacks. Access tokens should only be created using an OpenID Connect flow or an OAuth standard flow. Deviating from these standards can result in an insecure app.

Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/configure-jwt-bearer-authentication?view=aspnetcore-9.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authentication/configure-jwt-bearer-authentication.md

Document ID

8d24839c-6c0a-3b29-d9f1-0f52becbf0f5

Article author

@damienbod

Metadata

  • ID: 8d24839c-6c0a-3b29-d9f1-0f52becbf0f5
  • Service: aspnet-core
  • Sub-service: security

Related Issues
@dotnetrepoman dotnetrepoman bot added aspnet-core/svc security/subsvc Source - Docs.ms Docs Customer feedback via GitHub Issue labels Jan 30, 2025
sk-shahnawaz added a commit to sk-shahnawaz/AspNetCore.Docs that referenced this issue Jan 30, 2025
@sk-shahnawaz
fix: dotnet#34596 typo
44a5c54
@sk-shahnawaz
Copy link
Contributor Author

#34597

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
aspnet-core/svc security/subsvc Source - Docs.ms Docs Customer feedback via GitHub Issue ⌚ Not Triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sk-shahnawaz