This repository has been archived by the owner on Jun 26, 2024. It is now read-only.
Unsecure - User token passed in URL #51
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Currently the user token appears in the URL. When user gets authenticated Amazon Cognito generates a token and returns it to the website in the URL as a parameter.
This is not best security practice.
Is there a better (more secure) way of passing that token?
The text was updated successfully, but these errors were encountered: