2021-07-10 UTC
# Zegnat So sink.zegnat.net is a group blog in that way. So its authorization_endpoint is actually an IndieAuth login page and lets anyone login. Then when they are logged in the sink.zegnat.net token_endpoint can issue a token matching their identity (because they have proven who they are). But that obviously would not work if the sink.zegnat.net authorization_endpoint was also the thing I personally wanted to use to proof my own identity.