- Non-admin users now cannot register `admin` scope tokens (not security-critical, they didn't work before, but you _could_ create them)
- Admin scopes will be dropped on create
- Rich media will now backoff for 20 minutes after a failure
+- Simplified HTTP signature processing
### Fixed
- /api/v1/accounts/lookup will now respect restrict\_unauthenticated