-
-
Notifications
You must be signed in to change notification settings - Fork 763
Authorization Endpoint does not support POST #3168
Comments
Is that blocking you? |
No... |
Thanks. I totally forgot that POST is a MUST. It was not required for our compliance certification though. |
Turns out our routing infrastructure would require some changes that we'd rather not do. IdentityServer4 is fully compliant, BTW. So given that this is not blocking you, we'll close. |
@brockallen what are breaking changes you mention? I'm trying to get wso2 store to use IndentityServer3 as the sts for login, and they issue a POST to authorize endpoint instead of GET. |
I don't recall, honestly. I know that how we do our routing and how that maps to our controllers was affected. I spent 1-2 hours trying to make it work with minimal interruption, but wasn't terribly successful. |
Just saw this PR #3234 . Any plans on merging it in? |
I don't recall if that was incomplete or not, but I see a 3.0 label -- perhaps that's the one with the breaking changes. |
Was this ever fixed? |
I've not seen anything related to that issue recently. I guess it's not fixed (yet) |
Just in case an additional comment could tilt the balance in favor of the PR #3234 |
According to 2.6 release notes, this enhancement was delivered in that release. But the pull request appears to be still outstanding. Does IdSrvr3 2.6.x support POST for the authorize endpoint, or do I need to upgrade to IdSrvr4? https://github.com/IdentityServer/IdentityServer3/releases/tag/2.6.0 We are currently using 2.5.3 and starting to get close to URL limits for the authorize endpoint. Some of our clients pass a lot of information in either AuthenticationProperties and/or acr values |
Question / Issue
According to the OpenID Connect Core 1.0 specification the method POST should be supported.
I've made some tests and realized that it's not the case. The Identity Server 3 returns me an HTTP
405 Method Not Allowed
with the following contents:The text was updated successfully, but these errors were encountered: