2021-06-05 UTC
# barnaby e.g. if an indieauth client sends an authorization request, and the user isn’t currently logged into their server (e.g. via a cookie), then they’d be redirected to their login page with a redirect URL back to the authorization endpoint, complete with all the original IA authorization request parameters