Just a quick one, as I was doing some stuff for a client, I gave the Known OAuth2 server a bit of a tweak.

First things first, I updated the admin interface so that it shows the endpoint urls needed (doh).

Second, I added support for an owner context url.

Third, the access token can now be passed using an Bearer authorisation header. Since this is now the new hotness, and it’s probably more reliable than passing stuff on a get variable.

Anyway, happy Saturday.