The Token Value Is Disclosed In The GET URL When Accessing Convergence
(Doc ID 2710996.1)
Last updated on MAY 12, 2021
Applies to:Oracle Communications Convergence - Version 3.0.2 and later
Information in this document applies to any platform.
When accessing Convergence, the token value is disclosed in the GET URL.
The token value is created for authentication in the application and is used throughout the session.
For example, here is what is logged in the GF access log, during a login to Convergence:
Similarly, when using the Firefox debugger, the "token=PKHQRzQTfW" is exactly matched to what shows in the debugger for Convergence when viewing storage -> cookie -> Convergence.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document