Description
Is your feature request related to a problem? Please describe.
As a squad we have different understandings of what is insecure with respect to the information returned on unsuccessful attempts to log in and what mechanisms need to be introduced. As this discussion is a tradeoff between user experience and security, we need to find an agreement and then continue based on this shared agreement.
Describe the solution you'd like
A policy that will become part of the API Mediation Layer repository, which outlines our approach towards the information that is returned.
Describe alternatives you've considered
Having a TSC-level policy, but this takes far more time and it's more difficult to agree across all the squads with different levels of criticality.
Willingness to help
I am volunteering @JirkaAichler, @pj892031 as they are mostly involved and invested in the issues that are coming from varied understanding across the squad.
Status: Icebox