Red Hat Single Sign-On Public Key Visible when accessed via browser
Issue
- For testing we have copied this URL and changed the client id and client secret and made a request through the browser. Still it returns the public key. Even without any client id or client secret it shows the PUB key. Is this expected?
Environment
- Red Hat Single Sign-On 7.2.0
- Red Hat Single Sign-On as IDP in 3scale. 'OpenID Connect Issuer' field configured as so:
https://{client_id}:{client_secret}@{rh-sso-domain}.com/auth/realms/{realm}
.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.