OpenID authorization OPTIONS request

@Mike So the first request that gets a 302 has the following headers:

The accept header has the application/json value.
If I do a full page reload I do get redirected to the idP.