I think we should explicitly state that this end point supports all parameters and extensions as supported by the /authorization endpoint. The difference of this endpoint is that it returns errors with instructions on what the next step the client needs to take vs managing all that challenge/response flow in a web page.
I think we should explicitly state that this end point supports all parameters and extensions as supported by the /authorization endpoint. The difference of this endpoint is that it returns errors with instructions on what the next step the client needs to take vs managing all that challenge/response flow in a web page.