@mark-robustelli No worries, we do have a working setup now after a slew of theme tweaks. That said there is still an outstanding question and a possible bug (both low priority).
The question: What happened to the ability to complete an oauth authentication flow by POSTing a code to /oauth2/passwordless? That worked in 1.48.3 but not in 1.55.1.
The potential bug: Why does a GET call to /oauth2/passwordless/<invalid code> redirect the user to the browser confirmation page (even when the request is from the same browser) instead of an invalid code page?