Skip to content

Investigate replay attacks on /consent endpoints #241

New issue
New issue
Open
Open
Investigate replay attacks on /consent endpoints#241
Labels
SecurityChanges that enhance security or fix security-related issues.
@nanderstabel

Description

@nanderstabel
nanderstabel
opened on Nov 27, 2025

Description

As pointed out here the POST /consent endpoint is currently not secure because some of the query parameters could be guessed. We need to investigate what is the proper way of mitigating this.

Motivation

These endpoints need to be secure.

Resources

No response

To-do List

  • Investigate replay attacks on /consent endpoints

Metadata

Metadata

Assignees

No one assigned

    Labels

    SecurityChanges that enhance security or fix security-related issues.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions