Issue #3164
closed
Requesting a JWT token doesn't support basic auth
Description
Currently, you have to pass username and password in the body of the POST request to /api/v3/jwt. It should probably use basic auth.
There's some debate around whether to use basic auth in addition to allowing users to submit username/password as POST params or just basic auth.
- Subject changed from Requesting a JWT token should have basic auth to Requesting a JWT token should support basic auth
- Subject changed from Requesting a JWT token should support basic auth to Requesting a JWT token doesn't support basic auth
- Triaged changed from No to Yes
I think we should only accept basic auth. Having one endpoint accept another one seems inconsistent.
- Related to Story #3163: As a user, I can refresh an unexpired JWT. added
JWT got removed from the MVP. Going to revisit again in 3.1+ with new user stories.
- Status changed from NEW to CLOSED - WONTFIX
- Sprint/Milestone set to 3.0.0
- Tags deleted (
Pulp 3, Pulp 3 MVP)
Also available in: Atom
PDF
.