SSO callback

id: core-auth-sso-callback owner: core method: POST path: /wp-json/headlesswp/v1/auth/sso/callback title: SSO callback usedBySite: false

POST /wp-json/headlesswp/v1/auth/sso/callback

TODO: verify request/response/error schema in HWP repo.

Auth + CSRF

Auth: public
CSRF: required (HWP nonce policy: always)

Request schema

TBD - verify in HWP repo.

Response schema

TBD - verify in HWP repo.

Error codes

TBD - verify in HWP repo.