I still find the OAuth configuration painful. Wouldn’t it be possible to give more information by default when it’s not working? For example, when catching a throwable, I think it’s better to log with at Warn level. https://github.com/ktorio/ktor/blob/master/ktor-features/ktor-auth/jvm/src/io/ktor/auth/OAuthProcedure.kt#L65-L66