Thank you. For completeness Would you be able to elaborate on 2)? From the documentation it is not entirely clear to me how I get an access token. What do I use as URL to make the call? What does the response look like? If I call the /userinfo endpoint I am assuming that the access_token is part of the header information in the request. I tried running this in Postman but I just get some form of access_denied like:
POST /oauth/token HTTP/1.1
Accept-Encoding: gzip, deflate, br
Cookie: did=s%3Av0%3Ad8b1afe0-424d-11ea-a5f8-d1743ac01df8.I7dbHa4GAq5fhNjt1P%2FOxwe%2FGqtYzJ6mVhBj%2B%2BzQakQ; did_compat=s%3Av0%3Ad8b1afe0-424d-11ea-a5f8-d1743ac01df8.I7dbHa4GAq5fhNjt1P%2FOxwe%2FGqtYzJ6mVhBj%2B%2BzQakQ
HTTP/1.1 401 Unauthorized
Date: Wed, 03 Jun 2020 15:58:15 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
I know this sounds like a request for some hand-holding but I don’t know what specific call to make and in what order. Is there some kind of step by step recipe that I can follow?