[wp-trac] [WordPress Trac] #61644: Invalidate application password
WordPress Trac
noreply at wordpress.org
Fri Jul 12 15:24:04 UTC 2024
#61644: Invalidate application password
-----------------------------------+------------------------------
Reporter: senna765 | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Application Passwords | Version: 5.6
Severity: normal | Resolution:
Keywords: | Focuses: rest-api
-----------------------------------+------------------------------
Changes (by TimothyBlynJacobs):
* focuses: => rest-api
* severity: major => normal
* version: 6.5.5 => 5.6
Comment:
Hi @senna765,
Thanks for the ticket and welcome to Trac!
> Add ability to revoke token based on appId as this is known value to
application
I could see us adding this. Probably as a `DELETE /wp/v2/users/me
/application-passwords?app_id=blah`.
> Change request method to POST for wp-json/wp/v2/users/me/application-
passwords/introspect as litespeed cache plugin is not caching POST
requests
We wouldn't be making this change. This is a read action, it should not
have `POST` semantics. If the Litespeed plugin is caching an authenticated
route, that's incorrect. The REST API sends nocache headers on
authenticated requests.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61644#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list