summaryrefslogtreecommitdiffstats
path: root/release-notes/4724.md
diff options
context:
space:
mode:
Diffstat (limited to 'release-notes/4724.md')
-rw-r--r--release-notes/4724.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/release-notes/4724.md b/release-notes/4724.md
new file mode 100644
index 0000000..4037c71
--- /dev/null
+++ b/release-notes/4724.md
@@ -0,0 +1 @@
+OIDC integrations that POST to `/login/oauth/introspect` without sending HTTP basic authentication will now fail with a 401 HTTP Unauthorized error. To fix the error, the client must begin sending HTTP basic authentication with a valid client ID and secret. This endpoint was previously authenticated via the introspection token itself, which is less secure.