diff --git a/CHANGELOG.md b/CHANGELOG.md
index f59a833ad63804edbaa782004204c08b26bff34a..08823e20f8bf2e63fe1bc9c44330b69b59f6f86a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,17 @@
 
-#### **1.1.0 (unreleased)**
+
+#### **1.2.0**
+
+BREAKING CHANGES:
+ * Changed the /oauth/login handler to use post form values rather than query parameter to ensure (to a degree) they
+   are not logged
+
+#### **1.1.1**
+
+FIXES:
+ * Fixed the configuration bug which required a redirection-url even when redirection was shifted off
+
+#### **1.1.0**
 
 FIXES:
  * Added a auto build to quay.io on the travis build for master and tags
diff --git a/README.md b/README.md
index 947d81bc712263e7b00ffa16c8a739f5ba0ed1eb..11c3e22f232a252a5b36382d4465b03fb3dcc2f9 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ USAGE:
    keycloak-proxy [options]
 
 VERSION:
-   v1.1.0 (git+sha: 1209149)
+   v1.2.0 (git+sha: fc38244)
 
 AUTHOR(S):
    Rohith <gambol99@gmail.com>
@@ -442,6 +442,6 @@ You can control the upstream endpoint via the --upstream-url option. Both http a
 * **/oauth/callback** is provider openid callback endpoint
 * **/oauth/expired** is a helper endpoint to check if a access token has expired, 200 for ok and, 401 for no token and 401 for expired
 * **/oauth/health** is the health checking endpoint for the proxy, you can also grab version from headers
-* **/oauth/login** provides a relay endpoint to login via grant_type=password i.e. POST /oauth/login?username=USERNAME&password=PASSWORD
+* **/oauth/login** provides a relay endpoint to login via grant_type=password i.e. POST /oauth/login form values are username=USERNAME&password=PASSWORD
 * **/oauth/logout** provides a convenient endpoint to log the user out, it will always attempt to perform a back channel logout of offline tokens
 * **/oauth/token** is a helper endpoint which will display the current access token for you
diff --git a/doc.go b/doc.go
index 9ccf21cd54e3d87d5dbce59b3c6f934f35dc9ac3..d1fa9df5cb11f49be81efcee12ff75e8cf14b6a9 100644
--- a/doc.go
+++ b/doc.go
@@ -21,7 +21,7 @@ import (
 )
 
 var (
-	release = "v1.1.1"
+	release = "v1.2.0"
 	gitsha  = "no gitsha provided"
 	version = release + " (git+sha: " + gitsha + ")"
 )
diff --git a/handlers.go b/handlers.go
index 3e9c63f26c9af48e67cbfe3b5b7c8f83df7b88b0..814bc32dfa54d53aba195a2b376b0fb7c72df1d2 100644
--- a/handlers.go
+++ b/handlers.go
@@ -198,8 +198,8 @@ func (r *oauthProxy) oauthCallbackHandler(cx *gin.Context) {
 //
 func (r *oauthProxy) loginHandler(cx *gin.Context) {
 	// step: parse the client credentials
-	username := cx.Request.URL.Query().Get("username")
-	password := cx.Request.URL.Query().Get("password")
+	username := cx.Request.PostFormValue("username")
+	password := cx.Request.PostFormValue("password")
 
 	if username == "" || password == "" {
 		log.WithFields(log.Fields{
diff --git a/handlers_test.go b/handlers_test.go
index 2907111b03944a8a9bb6c454a8013822615cca5f..5e92e7417a4e666dcec66297e69de15eda4899d6 100644
--- a/handlers_test.go
+++ b/handlers_test.go
@@ -115,15 +115,15 @@ func TestLoginHandler(t *testing.T) {
 
 	for i, x := range cs {
 		u := u + oauthURL + loginURL
-		query := url.Values{}
+		values := url.Values{}
 		if x.Username != "" {
-			query.Add("username", x.Username)
+			values.Add("username", x.Username)
 		}
 		if x.Password != "" {
-			query.Add("password", x.Password)
+			values.Add("password", x.Password)
 		}
 
-		resp, err := http.Post(u+"?"+query.Encode(), "", nil)
+		resp, err := http.PostForm(u, values)
 		if err != nil {
 			t.Errorf("case %d, unable to make requets, error: %s", i, err)
 			continue