yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

notes/cisco_ft_securex_registration.org

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2022-03-28 14:41:04 +02:00
parent e0b7c5609c
commit 91a1f576e7
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
notes/cisco_ft_securex_registration.org
View file

@ -312,6 +312,11 @@ and
- ~role~ ; optional and only if accepted, if none provided, default to ~user~ - ~role~ ; optional and only if accepted, if none provided, default to ~user~
The separation of the ~role~ query parameter is important in order to give a
chance for the UI to change the associated role before user creation.
But once the user is created with a specified ~role~ it should be impossible
to change its role from an unauthenticated route.
If someone hit this endpoint, then you should: If someone hit this endpoint, then you should:
1. Decrypt the ~code~ and retrieve the data. 1. Decrypt the ~code~ and retrieve the data.