Hi Isura\Tharindu,
Why do we need the,
>
>
> - [POST] : /{user-id}/federated-associations
>
>
Thanks,
On Wed, Oct 30, 2019 at 10:00 AM Tharindu Bandara <[email protected]>
wrote:
> Hi Isura,
>
> I think this API is not required. If this is supported, anyone can
>> associate federated accounts without authentication. That can cause a
>> security issue.
>>
>
> +1. I will remove the [POST] : /me/federated-associations API.
>
> Regards,
> --
> *Tharindu Bandara*
> Senior Software Engineer | WSO2
>
> Email : [email protected]
> Mobile : +94 714221776
> web : http://wso2.com
> <https://www.google.com/url?q=http://wso2.com&sa=D&ust=1517653383990000&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg>
>
> https://wso2.com/signature
>
--
Regards,
*Darshana Gunawardana*Technical Lead
WSO2 Inc.; http://wso2.com
*E-mail: [email protected] <[email protected]>*
*Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
