diff --git a/index.html b/index.html
index 8cb3ba1..d11c053 100644
--- a/index.html
+++ b/index.html
@@ -217,7 +217,7 @@
 
                 <pre><code>address: <span ng-bind="vm.form.id"></span></code></pre>
                 <pre><code>subject: <span ng-bind="vm.form.subject"></span></code></pre>
-                <pre><code>issuer: <span ng-bind="vm.form.provider"></span></code></pre>
+                <pre><code>issuer: <span ng-bind="vm.form.userProvider"></span></code></pre>
               </div>
             </div>
 
@@ -232,6 +232,19 @@
               <div class="col-md-9">
                 <input class="form-input" type="text" ng-model="vm.form.provider">
                 <button class="btn btn-default" ng-click="vm.fn.changeProvider()">Set</button>
+              </div>
+            </div>
+
+            <div class="row" ng-if="vm.validated.provider">
+              <br>
+              <br>
+              <div class="col-md-3">
+                <strong>Directives Discovery</strong>:
+                <br>
+                (this is how we learn if a server support oauth3 and to what extent)
+              </div>
+              <div class="col-md-9">
+                <button class="btn btn-default" ng-click="vm.fn.changeProvider()">Discover Directives</button>
 
                 <pre><code>OAUTH3.urls.discover("<span ng-bind="vm.form.provider"></span>", opts);</code></pre>
                 <pre ng-if="vm.directivesUrl"><code><span ng-bind="vm.directivesUrl"></span></code></pre>
@@ -299,16 +312,22 @@
               </div>
             </div>
 
-            <div class="row" ng-if="vm.validated.provider">
+            <div class="row">
+              <h2>1st Party and App Login</h2>
               <br>
               <br>
               <div class="col-md-3">
-                <strong>Credential Exists URL</strong>
+                <strong>Credential Meta URL</strong>
+                <strong>(Not implemented... anymore)</strong>
                 <br>
                 (this is the endpoint that reports if the user exists and what their proof-strategy is)
               </div>
               <div class="col-md-9">
-                ...
+                <button class="btn btn-default" ng-click="vm.api.authn.credentialMeta()" ng-disabled="true || !vm.directives || !vm.form.id">Check user details</button>
+
+                <pre><code>OAUTH3.authn.loginMeta(directives, { email: "<span ng-bind="vm.form.id"></span>" });</code></pre>
+                <pre ng-if="vm.urls.credentialMeta"><code><span ng-bind="vm.urls.credentialMeta"></span></code></pre>
+                <pre ng-if="vm.responses.credentialMeta"><code><span ng-bind="vm.responses.credentialMeta"></span></code></pre>
               </div>
             </div>
 
@@ -321,7 +340,19 @@
                 (this is the URL that sends your one-time password via email)
               </div>
               <div class="col-md-9">
-                ...
+                <button class="btn btn-default" ng-click="vm.api.authn.otp()" ng-disabled="!vm.directives || !vm.form.id">Check user details</button>
+
+                <pre><code>OAUTH3.authn.otp(directives, { email: "<span ng-bind="vm.form.id"></span>" });</code></pre>
+                <div ng-if="vm.urls.otp">
+                  <pre><code><span ng-bind="vm.urls.otp.method"></span> <span ng-bind="vm.urls.otp.url"></span>
+<span ng-if="vm.urls.otp.headers" ng-bind="vm.urls.otp.headers | json"></span>
+<span ng-bind="vm.urls.otp.data | json"></span>
+</code></pre>
+                  <pre ng-if="vm.responses.otp"><code><span ng-bind="vm.responses.otp.status"></span>
+<span ng-if="vm.responses.otp.headers" ng-bind="vm.responses.otp.headers | json"></span>
+<span ng-bind="vm.responses.otp.data | json"></span>
+</code></pre>
+                </div>
               </div>
             </div>
 
diff --git a/js/playground.js b/js/playground.js
index 46ed82a..1fa5a87 100644
--- a/js/playground.js
+++ b/js/playground.js
@@ -41,14 +41,15 @@
 		];
 
     vm.form = {};
-    vm.form.id = '';
+    vm.form.id = 'coolaj86@gmail.com';
     vm.form.subject = '';
     vm.form.userProvider = '';
-    vm.form.provider = '';
+    vm.form.provider = 'sso.hellabit.com';
     vm.form.scopes = '';
 
     vm.locks = {};
     vm.validated = {};
+    vm.responses = {};
 
     //
     // Convenience for our app
@@ -176,10 +177,31 @@
       vm.directives = null;
     };
 
+    // A place for all the generated urls
+    vm.urls = {};
+
     //
     // Wrap around the OAUTH3 APIs
     //
     vm.api = {};
+    vm.api.urls = {};
+    vm.api.authn = {};
+    vm.api.urls.credentialMeta = function () {
+      vm.urls.credentialMeta = OAUTH3.urls.credentialMeta(vm.directives, { email: vm.form.id });
+    };
+    vm.api.urls.otp = function () {
+      vm.urls.otp = OAUTH3.urls.otp(vm.directives, { email: vm.form.id });
+    };
+    vm.api.authn.otp = function () {
+      vm.api.urls.otp();
+      OAUTH3.authn.otp(vm.directives, { email: vm.form.id }).then(function (resp) {
+        vm.responses.otp = resp;
+      });
+    };
+    vm.api.authn.credentialMeta = function () {
+      vm.api.urls.credentialMeta();
+      OAUTH3.authn.loginMeta(vm.directives, { email: vm.form.id });
+    };
     vm.api.providerUri = function () {
       console.log('[DEBUG] providerUri:', vm.providerUri);
       try {
@@ -203,7 +225,6 @@
       }
     };
     vm.api._discoverCount = 0;
-    vm.api.urls = {};
     vm.api.urls.implicitGrant = function (provider) {
       if (!vm.directives) {
         console.log('[DEBUG] skipping implicit grant due to missing directives');