Hi @jack.cattell,
Thank you for your reply.
According to the OAuth 2.0 specification, the authorization code expires shortly after it is issued, with a maximum authorization code lifetime of 10minutes (could potentially be shorter). If you are making your requests immediately after receiving your authorization code, you can eliminate this error as a possibility.
What is meant by “does not match the redirection URI used in the authorization request” means that your redirect_uri parameter should match in both your /authorize request and /oauth/token request.
If this is the case, you’ll need to make sure these values are the same.
Please let me know if you have any other questions. I’d be happy to help.
Thank you.