Change OAuth password parameter

Zurich Platform security

Release

zurich

ft:locale

en-US

ft:publication_title

Zurich Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Change OAuth password parameter

Release version: Zurich

Updated July 31, 2025

1 minute to read

Use this property to ensure only POST body parameters are accepted as input for all supported grant types.

Sending sensitive information over URI query parameters might lead to sensitive information disclosure by clients, the server, or any host between the requests. Starting with the Madrid release, this new property ensures only the POST body parameters are accepted as input for all supported grant types. Supported grant types include:

authorization code
password
client credential
refresh token

Table 1. OAuth password parameter property
Property	Description
`glide.oauth.allow.parameters.in.post.body.only`	This property is set to true for zBoots only, as part of the OAuth 2.0 plugin. If you need this setting for your instance, create and set the property to true.