Merge branch '5.0/disable-password-for-auth-token-config' into 5.0-trunk

author: sunnavy <sunnavy@bestpractical.com> 2020-12-22 17:45:33 +0300
committer: sunnavy <sunnavy@bestpractical.com> 2020-12-22 17:45:33 +0300
commit: f8d534239b34b2507eb9199370a2ad8a656c9288 (patch)
tree: cefd363ceb34919fe654089bf1f2217ecd9283b5 /docs
parent: 3890bf0db140962878e93de04f38f636b86576fc (diff)
parent: b148f34f9e3ccc32dba18181ee031497aecd3804 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/authentication.pod b/docs/authentication.pod
index eba5b36be1..ccf2b1263c 100644
--- a/docs/authentication.pod
+++ b/docs/authentication.pod
@@ -31,7 +31,11 @@ your RT Apache configuration to allow RT to access the Authorization header.
 
     SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
 
-You can find more information about tokens in L<RT::Authen::Token>.
+Since tokens grant access on behalf of a user, RT prompts for a password
+when a user is creating a token. However, if you have a mix of RT and
+federated authentication, RT can't authenticate users via the federated
+password system. For this case, you can explicitly disable the password
+check with the C<$DisablePasswordForAuthToken> configuration option.
 
 =head1 External Authentication
author	sunnavy <sunnavy@bestpractical.com>	2020-12-22 17:45:33 +0300
committer	sunnavy <sunnavy@bestpractical.com>	2020-12-22 17:45:33 +0300
commit	f8d534239b34b2507eb9199370a2ad8a656c9288 (patch)
tree	cefd363ceb34919fe654089bf1f2217ecd9283b5 /docs
parent	3890bf0db140962878e93de04f38f636b86576fc (diff)
parent	b148f34f9e3ccc32dba18181ee031497aecd3804 (diff)