See discussion here:
https://secure.phabricator.com/D8481
Specific items are:
- Update the configuration for this install.
- Update the configuration instructions for all installs.
- Check the viability of doing an API test for configuration.
- Render all forms with an `action` attribute.
- Whitelist `access_token` as a GET parameter globally.