- when setting an OIDC issuer URL the defaulter will fetch and set
authorization and token endpoints
- basic auth allows to use either inline hashed credentials or plaintext
credentials from a secret that are automatically hashed
- finish TLS support for API & dashboard listeners
