post https://backstage.taboola.com/backstage/oauth/token
a. Client submits a client_id and client_secret to the token endpoint.
b. Server returns an Access Token.
The
Content-Typefor this request isapplication/x-www-form-urlencoded.
Sample response:
{
"access_token": "CZ0OAAAAAAAAEdt7AgAAAAAAGAEgAClebYBnbQEAADooMDMyMDg2MmExZWNlYjIyYWJhMjc1OGI4NzJlMGZhNWI5ZDYxN2Q0YkAC::644420::78997c",
"token_type": "bearer",
"expires_in": 43200
}
<BadClientCredentialsException>
<error>invalid_client</error>
<error_description>Bad client credentials</error_description>
</BadClientCredentialsException>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 403 Could not verify the provided CSRF token because your session was not found.</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /authentication/oauth/token/. Reason:
<pre> Could not verify the provided CSRF token because your session was not found.</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.15.v20190215</a><hr/>
</body>
</html>
Note
No Refresh Token is returned.
Troubleshooting
Make sure that the endpoint URL does not contain a trailing ‘/’.
Otherwise, the server returns 403 - Not Found, with the following HTML message:
"Could not verify the provided CSRF token because your session was not found"