For Step 3: Exchange authorization code with access token of the Miro OAuth 2.0 authorization flow, does the https://api.miro.com/v1/oauth/token API endpoint support passing the client_id and client_secret values via Basic Auth?
We’re currently passing them through via the request body as x-www-form-urlencoded parameters, but would prefer to update it to use the “Authorization: Basic xyzxyzxyz” header instead!
I’ve tried to do so using my Insomnia client to generate a POST request to the https://api.miro.com/v1/oauth/token endpoint with grant_type, code, and redirect_uri passed in the body and client_id and client_secret base64 encoded and passed via the Basic Auth header, but am receiving this 500 error in response:
Is this possible?
While it’s a great suggestion, our /oauth endpoint doesn’t currently support passing these credentials via the Header in this way.
That said, I can definitely appreciate where you’re coming from — I’ve shared this feedback with our product team!