Currently the par request is: transition:generic transition:email transition:chat.bsky identity:handle account:email
This mixes transition:* and account:* scope which is an invalid scope to for example Tranquil-PDS and should generally just not happen. This breaks the OAuth flow entirely
the scopes we use are really bad since i just copied what blacksky uses instead of seeing what is actually required. it definitely needs a second pass. someone should report this upstream to blacksky also