Hi,

I am trying to register a loopback URI, but it doesn´t work. I´m using dynamic port assignment. The documentation says, https should be used, except for loopback URIs, which can use http:

"If you are using a loopback address, use the explicit IPv4 or IPv6, like http://127.0.0.1:PORT or http://[::1]:PORT as your redirect URI."

Further down the page it says

"If you don't know the port number in advance, register your redirect URI with a loopback IP literal, but without any port number"

but that doesn´t work.

I´ve tried

• http://127.0.0.1  
• http://127.0.0.1/callback  
• http://[::1]
• http://[::1]/callback

When I add a port, for example http://[::1]:80/callback it works, but the documentation clearly states that sing http and no port is allowed, when using a loopback URI. Why does it still mark it as insecure?