Hacker News new | past | comments | ask | show | jobs | submit login

I naively assumed that this was the point, but when I read the spec you're right: it's just about hitting the well-known URL and redirecting the browser to the actual change-password URL. Does anybody know why, from the site maintainer perspective, why would I bother to implement this?

Because it takes very little effort and adds convenience for your users, that's why.

The alternative of doing a full API takes much more effort and therefore has little chance of adoption.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact