grounded042
commented
5 years ago - use the OIDC well known endpoints endpoint to get endpoints for the client as they can differ per issuer
- make the usage of refresh tokens something you must specify on the command line as some providers will error if you ask for the scope but haven’t set it up in the app
- add ability to use the id token if needed / wanted as some providers don't allow customizing the access token and just the id token