Authorizing for crossposting results in a 502 on micro.blog

Connecting a Mastodon account on signers.online (Mastodon 4.6.0-rc.1+glitch) fails: micro.blog’s /mastodon/callback receives the OAuth authorization redirect but never POSTs to /oauth/token to redeem the code.

On signers.online’s side the app is registered correctly (redirect_uri https://micro.blog/mastodon/callback, scopes read write follow), /oauth/authorize returns 302 with a valid code in ~30 ms, and /oauth/token is healthy.

Across ~10 attempts signers.online issued 10 authorization codes; micro.blog redeemed exactly one, and that token was then never used for any API call.

The callback appears to error (502) before redeeming the code.