In reply to a post by Aaron Parecki on Dec 13, 2019 10:29 Some more info on OAuth 2.1 from the @oktadev blog: OAuth 2.1: How many RFCs does it take to change a light bulb? https://developer.okta.com/blog/2019/12/13/oauth-2-1-how-many-rfcs How are the new OAuth2 things going to impact IndieAuth if at all? posted Dec 15, 2019 13:50 in Replies Reply: a post by Aaron Parecki on Dec 15, 2019 08:13 The biggest change is that really every IndieAuth server and client should support PKCE. A few of them do already. I'll make a list of other recommendations as well.