After successful authentication callback is called by Auth0 to return back to Application and provide Access Token and other things that were requested. From what I can see (and read in your docs) this data is being sent as
# param in a GET HTTP request.
Do you offer alternative methods of passing the data or is this the only one available? If the latter, does that mean any traffic directors which might log requests need to be filtering those out / removing params after hash?
What are your suggestions here?