diff --git a/README.MD b/README.MD index 4a08b6c03..019d1ed17 100644 --- a/README.MD +++ b/README.MD @@ -28,7 +28,7 @@ Auto-configuration for resource servers: - allowing anonymous preflight requests using the path-matchers in CORS configuration Auto-configuration for clients with `oauth2Login`: -- customizing OAuth2 responses: +- customizing responses returned to the frontend during the authorization-code and RP-Initiated Logout flows: - specify the URI in `Location` header to activate a route after login / logout (defaults can be defined in application properties and overridden by the frontend using headers or query parameters) - set the HTTP status in the `2xx` range to observe the response in Javascript code and trigger plain navigation instead of letting the browser follow a redirection with a cross-origin request - exposing CSRF token as a cookie accessible to a single-page application