When user logs in the POST login-actions/authenticate API is passing session_code as query parameter. This is coming up as a security concern in our application. Is it possible to move
session_code from query parameter to either Header or Request payload?
Following are the details of the request
Keycloak - 14.0.0
React - 17.0.2
Java - 11
If you can you please respond to this or at least guide us in the right direction that would be really kind if you.