Securing APIs by default
Description
Environment
None
Potential Workaround
None
is duplicated by
Checklist
hideTestRail: Results
Activity
Show:
Done
Details
Details
Assignee

Reporter

Labels
Priority
Sprint
None
Development Team
Core: Platform
Fix versions
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs
Created April 24, 2020 at 11:16 PM
Updated June 4, 2020 at 12:02 PM
Resolved June 4, 2020 at 11:22 AM
TestRail: Cases
TestRail: Runs
Per , all public APIs should be protected by default. That means field permissionsRequired is required when defining non-system APIs in the handlers section of module descriptor. If there is a strong technical reason that an API cannot be protected, for example, /authn/login, use *"permissionsRequired" : [ ]* to make it explicit.
Please fix following APIs in this module