2021-11-25 UTC
# 
capjamesg[d] I am still in the early stages of implementing it. Overall, I understand what is being said but I do think more clarity on what I mentioned earlier re: verifying a token is allowed to access something would be useful. I know the IndieAuth spec doesn't lay out how to issue resource-limited tokens but I'd love to see more on that. I do need to look at the GitHub issue linked in the wiki page though. Again, I'm not far into this yet.