30 May
2025
30 May
'25
1:31 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=40023 --- Comment #6 from David Cook <dcook@prosentient.com.au> --- Currently looking at the output of /api/v1/patrons/{patron_id} and noticing it includes "overdrive_auth_token" although that's not defined in Koha::Patron::to_api_mapping(). "login_attempts" as well. "staff_notes"... I'd say those shouldn't shared with a third-party system. -- The API is in a weird place at the moment. It's not clear what services are expected to be used only by Koha and which are meant to be used by third-parties, and I think that presents some of the issues around privacy and security... -- You are receiving this mail because: You are watching all bug changes.