Skip to content

Commit 276fcbc

Browse files
committed
https remark
1 parent 3bce18f commit 276fcbc

File tree

1 file changed

+1
-4
lines changed

1 file changed

+1
-4
lines changed

README.md

+1-4
Original file line numberDiff line numberDiff line change
@@ -51,14 +51,11 @@ To run this sample you will need the following:
5151
`http://localhost:3000/auth/openid/return` (:warning:)
5252
- In the **Advanced settings > Implicit grant and hybrid flows** section, check **ID tokens** as this sample requires the [hybrid flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-implicit-grant-flow) to be enabled to sign-in the user.
5353
- Select **Save**.
54-
55-
> :warning: In this tutorial sample, we use HTTP schemes as the application runs on locahost only. However, HTTP schemes are insecure and should not be used in production.
56-
5754
1. In the list of pages for the app, select **Manifest**.
5855
- Find the key `logoutUrl` and replace its value with `http://localhost:3000/logout` (:warning:)
5956
- Select **Save**
6057

61-
> :warning: In this tutorial sample, we use HTTP schemes as the application runs on locahost only. However, HTTP schemes are insecure and should not be used in production.
58+
> :warning: Except on localhost, HTTP schemes are considered insecure and should not be used. In production, you should use HTTPS instead. See for more: [Microsoft identity platform best practices and recommendations](https://docs.microsoft.com/azure/active-directory/develop/identity-platform-integration-checklist#security)
6259
6360
1. Select **Save**.
6461

0 commit comments

Comments
 (0)