I'm trying to obtain an authorization code in order to use the Upwork API, using Oauth 2.0.
I send a GET request in the body using x-www-form-urlendcoded (have tried form-data as well) on Postman to "https://www.upwork.com/ab/account-security/oauth2/authorize" with 3 fields: -response_type -client_id -redirect_uri
All of those fields should be correct as I take straight from the Upwork API key information they gave me and response_type directly from the documentation.
The response I get is a "403 Forbidden - The request was a legal request but the server is refusing to respond to it."
My best guess to the problem is it could have something to do with "X-Upwork-API-TenantId header" as it is mentioned in the docs but isn't mentioned anywhere in getting the auth code but I don't fully understand what it is/does.
I was hoping to get a response like this as shown in the docs:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta http-equiv="refresh" content="0;url='https://upwork.com/ab/messages/rooms/?code=b094053c2892cb819942e2d01e7237e7'" />
<title>Redirecting to https://upwork.com/ab/messages/rooms/?code=b094053c2892cb819942e2d01e7237e7</title>
</head>
<body>
Redirecting to <a href="https://upwork.com/ab/messages/rooms/?code=b094053c2892cb819942e2d01e7237e7">https://upwork.com/ab/messages/rooms/?code=b094053c2892cb819942e2d01e7237e7</a>.
</body>
</html>
But am instead getting this without code=b094053c2892cb819942e2d01e7237e7 and a 403 forbidden response.
If anyone knows how I could obtain that access token for Oauth it'd be greatly appreciated.