Is encrypting a query parameter within a URI a security best practice?
Assumption a customer is sitting in a public area connected to a public wifi.
Step 1. example.com server sends the following information to trustworthy.external.domain over https:
redirectPath="https://www.example.com/public/endpoint…