Skip to content

[Bug]: /api/applications/home includes the App Client Secret #1453

New issue
New issue
Closed
Bug
Closed
[Bug]: /api/applications/home includes the App Client Secret#1453
Bug
Assignees
dragonpoo
Labels
API-ServiceBackend Java Spring for the Lowcoder APIBugSomething isn't working
@meretrout

Description

@meretrout
meretrout
opened on Jan 21, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

I have setup a Generic OAuth Provider using Azure. I noticed that the Client Secret is shown on /api/applications/home

Expected Behavior

This is an unnecessary security risk.

Steps to reproduce

Setup Generic OAuth Provider using Azure.

Environment

Clean install of 2.5.3 running in an all-in-one Docker container.

Additional Information

No response

Metadata

Metadata

Assignees

Labels

API-ServiceBackend Java Spring for the Lowcoder APIBugSomething isn't working

Type

Projects

Lowcoder

Status

✅ Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions