It seems like GET api/authentication/validate endpoint returns true for every request. When I send a request with Bearer token value “test”, “123” or anything else it returns valid: true. Curl example:
curl --location --request GET 'https://sonarcloud.io/api/authentication/validate' \
--header 'Authorization: Bearer test'
Is it normal or should I suppose to add more information to request?
Thanks for reporting it. I investigated it and created an internal ticket to fix it.
We are investigating the issue. Can you elaborate more on your use-case for this endpoint?
Planning to use this endpoint for integrations inside 3rd party app. Main use case is validating user tokens.
We have made the fix. Can you validate?
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.