Oh step 1? I skim read and jumped to step 3. As Step 3 is the cURL/exchange step. You shouldn’t be fetching the authorise url like this
Step 1 is a redirect. You send the user to that URL in order to authenticate and come back
Oh step 1? I skim read and jumped to step 3. As Step 3 is the cURL/exchange step. You shouldn’t be fetching the authorise url like this
Step 1 is a redirect. You send the user to that URL in order to authenticate and come back