Good question - You’ll need to make an actual request to get a valid Access Token. In my experience, most will go the route of configuring their application in Auth0 to allow the Resource Owner Password grant and use the auth API debugger extension to grab a “test” token.