Micro.blog (for the macOS app at least, and I’d imagine also for v2 of the iOS app) require IndieAuth endpoints to return code, state and me parameters in their response.
code - The authorization code generated by the authorization endpoint. The code MUST expire shortly after it is issued to mitigate the risk of leaks, and MUST be valid for only one use. A maximum lifetime of 10 minutes is recommended.
state - The state parameter MUST be set to the exact value that the client set in the request.
iss - The issuer identifier for client validation.
Micro.blog (for the macOS app at least, and I’d imagine also for v2 of the iOS app) require IndieAuth endpoints to return
code,stateandmeparameters in their response.However,
mehas since been removed as a requirement from the latest version of the IndieAuth spec, as seen in Aaron’s rundown of the 2020 spec changes.The required response parameters are now:
code- The authorization code generated by the authorization endpoint. The code MUST expire shortly after it is issued to mitigate the risk of leaks, and MUST be valid for only one use. A maximum lifetime of 10 minutes is recommended.state- The state parameter MUST be set to the exact value that the client set in the request.iss- The issuer identifier for client validation.