Currently the way it works is the app registers its ID via the API server with the SSO server linking you’re account to it first time you sign into the app, thinking thats not really required as we could just link the account ID to the app instead after first successful login taking the API server out of the equation all together for registration and validation and instead have the app validate access to it self, SSO still would be required just the API server would be one less possible failure point causing lockouts.
I’ll proceed with going ahead on this idea and issue a update out later this weekend after I take some time to test it first.