diff --git a/src/core/server/http/http_server.ts b/src/core/server/http/http_server.ts index 34035d8decca9..f898ed0ea1a99 100644 --- a/src/core/server/http/http_server.ts +++ b/src/core/server/http/http_server.ts @@ -147,7 +147,7 @@ export class HttpServer { this.log.debug(`registering route handler for [${route.path}]`); // Hapi does not allow payload validation to be specified for 'head' or 'get' requests const validate = isSafeMethod(route.method) ? undefined : { payload: true }; - const { authRequired = true, tags, body = {} } = route.options; + const { authRequired, tags, body = {} } = route.options; const { accepts: allow, maxBytes, output, parse } = body; const kibanaRouteState: KibanaRouteState = { diff --git a/src/core/server/http/lifecycle/auth.ts b/src/core/server/http/lifecycle/auth.ts index b5bb9c3dc65a3..2eaf7e0f6fbfe 100644 --- a/src/core/server/http/lifecycle/auth.ts +++ b/src/core/server/http/lifecycle/auth.ts @@ -138,7 +138,7 @@ export interface AuthToolkit { * */ notHandled: () => AuthResult; /** - * Redirect user to IdP when authRequired: true + * Redirects user to another location to complete authentication when authRequired: true * Allows user to access a resource without redirection when authRequired: 'optional' * */ redirected: (headers: { location: string } & ResponseHeaders) => AuthResult;