I can’t tell what URL this is calling from the screenshot.
What URL are you trying to call and does it match what postman is actually calling?
This seems to be step 3 of the “OAuth authorization code flow”
Depending on which Webhook topics you are interested in an “App Access”/Client Credentials Token may make more sense to be used
As a side note you should probably run these as two seperate processed.
So that the Bots process is not directly web accessable.