OAuth 2.1 token endpoint
DELETE/api/auth/oauth2/token
Exchanges authorization_code for access_token + id_token + refresh_token, or refreshes via refresh_token grant. Body must be application/x-www-form-urlencoded, NOT JSON.
Request
Responses
- 200
- 400
Token response
invalid_grant / invalid_request / invalid_client