no need to always set the currently authenticated user's accessToken in a short-living cookie when authPath is called.
This has always been a workaround for IBM Connections Cloud, which doesn't support the OAuth state parameter.
It is however required to mount loopback.token to read user credentials from state in the response.
no need to always set the currently authenticated user's accessToken in a short-living cookie when
authPathis called.This has always been a workaround for IBM Connections Cloud, which doesn't support the OAuth
stateparameter.It is however required to mount
loopback.tokento read user credentials fromstatein the response.