ApiEndpoint.AreBearerTokensDisabled

Are the access tokens bearer tokens?

This test determines whether the API endpoint accepts the access token as is, or whether it requires additional client authentication.

View source code on GitHub

Documents

This test is part of the following document(s):

• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 2.2.1 (should)

Back to the test case overview or the threat overview