Authentication route use Basic Auth

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Basic Auth has multiple shortcomings and should be avoided:

  • Sends credentials in every request (meaning any interception can result in credential leakage)
  • Is often cached by the browser
  • Does not support logout or session management
  • Rationale

Route might be vulnerable to ATO.

Remediation

  • Migrate to a stronger auth scheme.