Open tsmethurst opened 1 year ago
I'd perhaps add here: RFC 8414, which allows for a /.well-known/oauth-authorization-server
endpoint to disclose what features the given server supports / has available (gives the dynamic client registration endpoint, the scopes and grant types available, etc.
We've got various bits and bobs related to OAuth that could use some tlc.
This issue is meant to gather them together, since they tend to get a bit lost among the other issues.