Closed PieterKas closed 1 year ago
We should define a new response (in addition to authorization code and error) that tells the client to launch a browser flow instead https://aaronpk.github.io/oauth-first-party-native-apps/draft-parecki-oauth-first-party-native-apps.html#section-5.2
The response is defined as a PAR response https://datatracker.ietf.org/doc/html/rfc9126#section-2.2
Done in #38
A question came up on how this would work. Demonstrating this scenario with the help of an example may be useful.