Revision 32884e54
Added by Oleh Fedorenko over 1 year ago
| test/unit/foreman/access_permissions_test.rb | ||
|---|---|---|
|
"api/graphql/execute",
|
||
|
|
||
|
# ping
|
||
|
"api/v2/ping/ping"
|
||
|
"api/v2/ping/ping",
|
||
|
|
||
|
"api/v2/users/extlogin"
|
||
|
]
|
||
|
|
||
|
MAY_SKIP_AUTHORIZED = ["about/index", "react/index", "api/v2/ping/ping"]
|
||
Also available in: Unified diff
Fixes #35473 - Add extlogin API endpoint
/users/extlogin endpoint is designed for UI interaction, thus
using this endpoint to create a session to be used via API will
fail with "Can't verify CSRF token authenticity" for any method
except GET. We need to have a separate endpoint to create a proper
session to be used via API.