Hello @dragos,
I decoded the access_token and it shows the issuer as “{org}.okta.com”. I tried the POST request again with the following URL: https://{org}.okta.com/oauth2/v1/token – but I’m receiving the following:
{
“error”: “invalid_client”,
“error_description”: “Client authentication failed. Either the client or the client credentials are invalid.”
}
In my authorization header, should I be using “Basic {accessToken}” or “Bearer {accessToken}”?