Skip to content

Commit c6472dc

Browse files
ajgarlagajgarlag
committed
Document the requirement for logged-in user
1 parent 44272ff commit c6472dc

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

docs/index.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -139,8 +139,9 @@ security:
139139

140140
You can verify that everything is working by issuing a `POST` request to the `/token` endpoint.
141141

142-
**❮ NOTE ❯** It is recommended to control the access to the authorization endpoint
143-
so that only logged in users can approve authorization requests.
142+
It is required to control access to the authorization endpoint
143+
so that only logged-in users can approve authorization requests.
144+
144145
You should review your `config/security.yaml` file. Here is a sample configuration:
145146

146147
```yaml
@@ -149,6 +150,9 @@ security:
149150
- { path: ^/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
150151
```
151152
153+
> [!IMPORTANT]
154+
> The requirement for a logged-in user to approve authorization requests was introduced in version 0.9.0. In previous versions, it was only a recommendation.
155+
152156
## Configuration
153157
154158
* [Basic setup](basic-setup.md)

0 commit comments

Comments
 (0)