Find a way to work with non-web clients that can't handle an SSO redirect

[vayan]

if we take Jellyfin as example, the sso redirect works fine for the web client, but any native client (mobile, tv, etc...) would break.

We could probably improve thing by reusing share links:

Instead of having something like https://proxy.example.com/auth/resource/1?token=secretstring that redirect to https://jellyfin.example.com

We could have a share link that looks like https://jellyfin.example.com?token=secretstring and assuming clients don't strip query args it should work!

[miloschwartz]

Actively being worked on and close to release. I am not sure how many clients will keep the token in the url though. I guess we'll see