mirror of
https://github.com/supabase/supabase.git
synced 2026-05-06 08:56:46 -04:00
Cemal Kılıç
019d10aab6
## I have read the [CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md) file. YES ## Summary - Added token_endpoint_auth_method field to the OAuth app create/update sheet, visible only when client type is set to "Confidential" - Supports client_secret_basic (HTTP Basic Auth header) and client_secret_post (request body) options; public clients automatically use none - Wired the field into both create and update API payloads ## Test plan - Create a confidential OAuth app -> Token Endpoint Auth Method selector should appear and submit correctly for both options - Create a public OAuth app -> selector should not appear; none is sent in the payload - Edit an existing confidential app -> selector should pre-populate from the saved value ## What is the new behavior? <img width="1244" height="1660" alt="image-KvVBmAG6@2x" src="https://github.com/user-attachments/assets/76ab2687-6be4-4b74-a830-e670a2bb4be2" /> <img width="1264" height="1652" alt="image-gLARAPwt@2x" src="https://github.com/user-attachments/assets/fd5770d5-acfd-4edb-bd5e-af582108f092" /> related: https://github.com/supabase/supabase/pull/43128 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added token endpoint authentication method configuration for OAuth app creation and updates * Authentication method automatically adjusts based on client type (public clients use 'none') * Token endpoint auth method field conditionally displayed for confidential clients only <!-- end of auto-generated comment: release notes by coderabbit.ai -->