lakewatcher commented on issue #10986: URL: https://github.com/apache/apisix/issues/10986#issuecomment-1977826065
> The redirect_uri whitelist is usually requied, for example: Auth0 \ keyclock. If there are many routes, it is definitely not suitable > In reality, no one will use regular matching to completely expose all interfaces of a service. Instead, it actively manages the lifecycle of each API, including going online, offline, scheduled releases, and preventing some interfaces from being exposed to the public.If OIDC must be configured with regularization, it may not be applicable to all scenarios. redirect_uri 白名单的必须设置,例如: Auth0 \ keycloack ,很多的话肯定不合适. 现实中,大家不会使用正则匹配完全暴漏一个服务的全部接口。而是主动的管理每一个API的生命周期,上线、下线、定时发布、部分接口不对外暴漏等等。 如果OIDC必须配置正则的话,可能无法适用于全部的场景。 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
