I'm trying to obtain an access token for a test application using the Vend API by sending a bunch of parameters in the body of POST request of type "application/x-www-form-urlencoded". I've already obtained an authorization code however I keep on receiving an error response. I'm using Postman to send the request and it appears that the Vend API makes use of OAuth2.
The response - 400 Bad Request:
{
"error": "invalid_request",
"error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."
}
The error seems to suggest the problem is the "grant_type" parameter, I've tried assigning it other values such as the authorization code and redirect URI to no avail. I'm now suspecting that the problem is elsewhere.
POST request URL:
https://samplepsyirf01.vendhq.com/api/1.0/token
POST request parameters:
code: KWDZNSo67gnf82PHa805k_kLlcq7VYZHQeAhoK7J
client_id: AdP6KYWqPjM7WbkDnNafoJ5piI6GECRa
client_secret: {CLIENT SECRET}
grant_type: authorization_code
redirect_uri: https://www.google.com/
I've used the google homepage as a dummy redirect URI as we don't have any production Vend applications at this point. I'm not sure whether this is having any impact on the problem.
Authorization code:
Vend API docs: https://docs.vendhq.com/reference#section-oauth-2-0
