2019-09-30 UTC
# paulrobertlloyd At that point, I can modify my session to mark the user as authenticated. Finally, I need to request an access token so they can post to their site from the server. For this, I use the code returned from IndieAuth (?) and exchange that code with a token endpoint to get an access token. Is that correct?