@jmangelo When an app sends a user to the /authorize path, they are immediately redirected to a /login path, which is an “incorrect” path for entry, so if a user bookmarks the signin page and comes back to try and sign in again later, they can get the same error (“access_denied: Password login is disabled for clients using externally hosted login pages with oidc_conformant flag set.”)
Bookmarking the sign-in page for an app doesn’t seem like such a crazy thing to do… do you know if there is a way to avoid this?