diff --git a/agent/http.go b/agent/http.go index 32010c343..887a27a38 100644 --- a/agent/http.go +++ b/agent/http.go @@ -377,7 +377,7 @@ func (s *HTTPHandlers) wrap(handler endpoint, methods []string) http.HandlerFunc logURL = strings.Replace(logURL, token, "", -1) } httpLogger.Warn("This request used the token query parameter "+ - "which is deprecated and will be removed in Consul 1.17", + "which is deprecated and will be removed in a future Consul version", "logUrl", logURL) } logURL = aclEndpointRE.ReplaceAllString(logURL, "$1$4") diff --git a/website/content/api-docs/api-structure.mdx b/website/content/api-docs/api-structure.mdx index 7a1908941..62bd424fd 100644 --- a/website/content/api-docs/api-structure.mdx +++ b/website/content/api-docs/api-structure.mdx @@ -42,7 +42,7 @@ $ curl \ **Security Note:** Though you could pass the token through the `?token=` query parameter, this method is highly discouraged because the token can show up in access logs as part of the URL. -The `?token=` query parameter is deprecated and will be removed in Consul 1.17. +The `?token=` query parameter is deprecated and will be removed in a future Consul version. To learn more about the ACL system read the [documentation](/consul/docs/security/acl). diff --git a/website/content/docs/upgrading/upgrade-specific.mdx b/website/content/docs/upgrading/upgrade-specific.mdx index 360187af1..5fa82448d 100644 --- a/website/content/docs/upgrading/upgrade-specific.mdx +++ b/website/content/docs/upgrading/upgrade-specific.mdx @@ -75,13 +75,13 @@ The `connect.enable_serverless_plugin` configuration option was removed. Lambda #### Deprecating authentication via token query parameter -Providing a Consul ACL token in API requests using the `token` query parameter is deprecated and will be removed in Consul 1.17. +Providing a Consul ACL token in API requests using the `token` query parameter is deprecated and will be removed in a future Consul version. Instead, you should provide the token through the `X-Consul-Token` header or with the Bearer scheme in the authorization header as described in the [API authentication documentation](/consul/api-docs/api-structure#authentication). Check whether you are using a `token` query parameter by searching your Consul agent logs for the message: ```shell-session hideClipboard -$ This request used the token query parameter which is deprecated and will be removed in Consul 1.17 +$ This request used the token query parameter which is deprecated and will be removed in a future Consul version ``` Deprecated authentication using the `token` query parameter: