Developer forum

Forum » CMS - Standard features » /dwapi/users/authenticate using POST method in Dynamicweb 9 issue

/dwapi/users/authenticate using POST method in Dynamicweb 9 issue

E-mail notifications
Kevin Steffer
Kevin Steffer
Reply
Posted on 28/02/2026 22:32:22

I've just discovered that on DW 9 the POST /dwapi/users/authenticate only accepts credentials in it's query just like get GET method which is very unsafe.

If I POST with a JSON body I get 405 Method Not Allowed - isn't that a mistake that the POST method hasn't been updated with a JSON body like DW10 has?


Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 02/03/2026 11:17:08
Reply

You are right - created and fixed the bug: https://doc.dynamicweb.dev/documentation/fundamentals/dw10release/releasenotes/workiteminfo.html?workitemid=27463

Currently in pull request - release date not set yet.

 

You must be logged in to post in the forum