- Update many external packages (e.g. System.Text.Json having a vulnerability)
- Replace IdentityModel.AspNetCore with Duende.AccessTokenManagement
- Provide AuthorizationTokenEndpoint directly in discovery document
- Deprecate AuthorizationServer in discovery document