From e8a726af8051875798219c0eb7b7a3acc067d8f5 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 26 Apr 2026 10:30:33 +0200
Subject: [PATCH] feat: permit /assets/** for unauthenticated access (email
 watermark)

---
 .../java/net/siegeln/cameleer/saas/config/SecurityConfig.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/net/siegeln/cameleer/saas/config/SecurityConfig.java b/src/main/java/net/siegeln/cameleer/saas/config/SecurityConfig.java
index a219d56..d5f16ac 100644
--- a/src/main/java/net/siegeln/cameleer/saas/config/SecurityConfig.java
+++ b/src/main/java/net/siegeln/cameleer/saas/config/SecurityConfig.java
@@ -46,7 +46,7 @@ public class SecurityConfig {
                         .requestMatchers("/", "/index.html", "/login", "/register", "/callback",
                                 "/vendor/**", "/tenant/**", "/onboarding",
                                 "/environments/**", "/license", "/admin/**").permitAll()
-                        .requestMatchers("/_app/**", "/favicon.ico", "/favicon.svg", "/logo.svg", "/logo-dark.svg").permitAll()
+                        .requestMatchers("/_app/**", "/assets/**", "/favicon.ico", "/favicon.svg", "/logo.svg", "/logo-dark.svg").permitAll()
                         .requestMatchers("/api/onboarding/**").authenticated()
                         .requestMatchers("/api/vendor/**").hasAuthority("SCOPE_platform:admin")
                         .requestMatchers("/api/tenant/**").authenticated()