2020-05-28 UTC
# Zegnat For token endpoint to issue a token to you, it needs to check your site to find your correct authorization endpoint, and then ask that authorization endpoint if the token request was really made by you. We haven’t really thought of a way to introduce shortcuts there yet. Although there was a little brainstorm about maybe pub-priv keypairs so the initial token request already includes the proof that only needs to be verified