v3.1.3
The browser policy now reads the callback from the same validated request shape used by the OAuth flow. This fixes a handoff mismatch that could replace the permission screen with a generic connection error.
One short email when something meaningful ships. No streaks required.