Require unique redirect URI for each logical AS
Issue #43
new
Required in OAuth 2.1: not (yet) required in FAPI2
[2.2.2] Confidential and public clients MUST use a unique redirect URI for each logical authorization server.
https://www.mitre.org/sites/default/files/2021-11/pr-19-3213-enterprise-tailored-oauth-profile.pdf