From fc11301a14a2c37c52a3821351a90d228fb3a017 Mon Sep 17 00:00:00 2001 From: Shilpa Padgaonkar <77152136+shilpa-padgaonkar@users.noreply.github.com> Date: Sat, 24 Feb 2024 09:27:04 +0100 Subject: [PATCH 1/2] Fix incorrect OpenIDConnect discovery url Fixes #3152 Signed-off-by: Henry H. Andrews --- versions/3.1.1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions/3.1.1.md b/versions/3.1.1.md index ba0c981900..994e3f2778 100644 --- a/versions/3.1.1.md +++ b/versions/3.1.1.md @@ -3430,7 +3430,7 @@ animals: Defines a security scheme that can be used by the operations. -Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [RFC8414](https://datatracker.ietf.org/doc/html/rfc8414). +Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html). Please note that as of 2020, the implicit flow is about to be deprecated by [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics). Recommended for most use case is Authorization Code Grant flow with PKCE. ##### Fixed Fields From c034f86ee5e31b3810897072ec293c273b41b275 Mon Sep 17 00:00:00 2001 From: Shilpa Padgaonkar <77152136+shilpa-padgaonkar@users.noreply.github.com> Date: Mon, 4 Mar 2024 10:20:24 +0100 Subject: [PATCH 2/2] changed ref and url -Update 3.1.1.md Signed-off-by: Henry H. Andrews --- versions/3.1.1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/versions/3.1.1.md b/versions/3.1.1.md index 994e3f2778..3a68cd12d3 100644 --- a/versions/3.1.1.md +++ b/versions/3.1.1.md @@ -3430,7 +3430,7 @@ animals: Defines a security scheme that can be used by the operations. -Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html). +Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), mutual TLS (use of a client certificate), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Core](https://openid.net/specs/openid-connect-core-1_0.html). Please note that as of 2020, the implicit flow is about to be deprecated by [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics). Recommended for most use case is Authorization Code Grant flow with PKCE. ##### Fixed Fields
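Review bot: In the `+` line of PATCH 1/2, the new link is appended after "as defined in [RFC6749](...), and", so "OpenID Connect Discovery" reads as a second definition of the OAuth2 flows rather than as a supported scheme in the list. Name the scheme first and then cite its spec, for example "..., and OpenID Connect as defined in [OpenID Connect Discovery](...)", so a reader can tell which items are schemes and which are references. The subject line says "Fix incorrect OpenIDConnect discovery url", but the removed text was a link labelled RFC8414, so the message should say that the RFC8414 reference is being replaced, not only that a URL is being fixed. The `From:` author has no Signed-off-by trailer of their own; only a different name signs off.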
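Review bot: PATCH 2/2 rewrites the same line that PATCH 1/2 just changed, swapping "OpenID Connect Discovery" for "OpenID Connect Core" in the `+` line, and the subject "changed ref and url -Update 3.1.1.md" gives no reason for the swap. Squash the two commits, or state in the message why Core rather than Discovery is the intended reference, and carry over the "Fixes #3152" trailer that only 1/2 has. Both the link label and the target change here, so it is worth confirming in the same pass that any other mention of OpenID Connect in `versions/3.1.1.md` points at the same document, so the spec does not cite two different references for one scheme.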