Authentication Security Best Practices

1.1.x

oauth2-redirections-non-encrypted

general > oauth2-redirections-non-encrypted

Guidance / Message

Oauth2 redirection flows use non encrypted transport

Examples

valid

openapi: 3.0.0
info:
  title: My API
  description: This is a sample API
  version: 1.0.0
servers:
  - url: https://api.example.com/v1

invalid

openapi: 3.0.0
info:
  title: My API
  description: This is a sample API
  version: 1.0.0
servers:
  - url: http://api.example.com/v1

Applies to OAuth2Flow

Constraint

Type: Declarative Validation
TypeRuleset
OrganizationMuleSoft
Published by
MuleSoft Organization
Published onNov 29, 2023

Asset versions for 1.1.x

Version
1.1.0

Tags

specification