You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the protected resource request does not include authentication
credentials or does not contain an access token that enables access
to the protected resource, the resource server MUST include the HTTP
"WWW-Authenticate" response header field;
The text was updated successfully, but these errors were encountered:
Yes I guess they should.
We could add it to the example and also refer to it in the problem type description, referring to the OAuth2 spec for further info.
Shouldn't these problem responses contain a WWW-Authenticate HTTP response header?
See https://www.rfc-editor.org/rfc/rfc6750#section-3
The text was updated successfully, but these errors were encountered: