ok, I’m going to admit that I gave up. vijet’s answer above helped me get closer. Something is wrong with my /authorize call, probably related to Interceptor (which I’ve never used).
I was trying to do this in the Native Postman App, not the Chrome Web Browser Extension, which makes Interceptor a bit funky. It looks like it’ll proxy HTTPS, but I haven’t tried that yet (Charles still works for me).
Anyway, for now I’m just grabbing the bearer token from my browser session and copy/paste it over to Postman and it works fine until it times out, but that’s good enough for now.
If anyone manages to get this working, I’d love a step-by-step instruction manual. 