If exoframe-server is deployed via https, you can still access it using http. But apparently it causes some weird issues (see #312).
It should be possible to address this either by warning a user or forcing https in config (if we detect redirect on auth).
