v1.1

Changelog:

• Add Access-Control-Allow-Origin header to all responses
• Fix scope param in RefreshToken endpoint
• Add health checks
• Fix HTTPS warning