AnsweredAssumed Answered

How to turn off the implicit grant type

Question asked by Albertwaninge on Sep 4, 2016

The OTK supports the implicit grant type of the OAuth 2.0 framework. However, how should this (rather insecure) grant type be disabled? I know about the encapsulated assertion OTK Configured Grant Types, but the implicit grant type is not configurable there. Should I turn it off specifically in the authorize-endpoint?

Outcomes