Inconsistent behavior for GET token endpoint

[tvarga94]

Hello.

When calling the GET /api/auth/jwt/token endpoint, I’m experiencing inconsistent behavior. The endpoint is expected to issue a JWT token for authentication, but instead, it is being treated as a GET request, which doesn’t align with typical login flows (which should usually be a POST request).

In my opinion the correct behavior for generating a JWT token would be to use a POST request, not GET. Therefore, it would be better to update the API method to use POST /api/auth/jwt/token instead of GET. The same goes for the /refresh.

Is there a specific reason why its a GET?

Feel free to correct me if I miss something.
Looking forward to the answer,
Br, Tamas

[specialtactics]

Hi @tvarga94 , because you are not creating any resources in the API (the typical use-case for a POST), but are instead trying to get a token, it is a get request. Similar for refresh. This is a pretty standard way to do things.

However, of course you are more than welcome to customise it if you really want, and you absolutely have that option, you can simply redefine the routes as post in the route file 😄