![]() The draft specification for OAuth 2.1 specifically omits both the GitLab recommends against use of this flow. Resource owner password credentials: To be used only for securely. ![]() Authorization code: Secure and common flow.Without PKCE, you’d have to include client secrets on mobile clients,Īnd is recommended for both client and server apps. Authorization code with Proof Key for Code Exchange (PKCE):.GitLab supports the following authorization flows: The headers listed for simple requests.įor example, the X-Requested-With header can’t be used for preflight requests.Only certain headers can be used for preflight requests: From GitLab 15.1, the following endpoints also Many /oauth endpoints support cross-origin resource sharing (CORS). CORS preflight request support introduced in GitLab 15.1.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |