With a basic CRUD Laravel app containing API routes I wanted to protect the API behind Oauth. So I followed the instructions on the Laravel documentation and a great video by Andre Madarang on Youtube.
After following the steps of requiring passport in composer, migrating and adding the routes I was testing the oauth endpoints but got an error:
unsupported_grant_type
When I realised I had added the parameters as ‘Header’ variables when they should have been sent in the body as Multipart form fields:
With that change and using the appropriate client_id and secret I received an access token that I could use in subsequent requests by choosing ‘Bearer’ from the ‘Auth’ menu: