I see, I am open to a PR here that makes your use case somewhat easier:
helpme discourse somesite.com
You have no authentication token to somesite.com to create one visit:
http://somesite.com/api_key/new?application_name=helpme&public_key=ABCD&nonce=NONCE&client_id=client_id&auth_redirect...
Then user goes to web browser pastes in URL and at the end of the process INSTEAD of being redirected off site with the encrypted auth token we would simply render the encrypted token on screen.
It means this controller needs to accept another param:
And we need another view defined to show the encrypted API key that helpme would decrypt.