As per a recent change to Spring Security to tweak the way that they retrieve access tokens from either the Authorization header, it was highlighted that the use of Bearer tokens in Multipart Form POSTs are not actually supported by RFC 6750.
Should we be revisiting this decision, if it may not be supported out-of-the-box by common libraries?
See also spring-projects/spring-security#10553
As per a recent change to Spring Security to tweak the way that they retrieve access tokens from either the
Authorizationheader, it was highlighted that the use of Bearer tokens in Multipart Form POSTs are not actually supported by RFC 6750.Should we be revisiting this decision, if it may not be supported out-of-the-box by common libraries?
See also spring-projects/spring-security#10553