Header request
:authority: orion-http.gw.postman.co
:method: POST
:path: /v1/request
:scheme: https
accept: */*
accept-encoding: gzip, deflate, br
accept-language: en,fr;q=0.9,fr-FR;q=0.8,en-US;q=0.7
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjExYTY5YTI4LTE4ZGQtNGUwMS1hZmU3LTdhNmI3YWQ1MjBmMiIsInVzZXJJZCI6MjExNjE1MTksInRlYW1JZCI6MCwiaXYiOiJtakFTQ3BVNlYycGRZMHVSZ21hSDh3PT0iLCJhbGdvIjoiYWVzLTEyOCIsImlhdCI6MTY1MzY4MzA4NiwiZXhwIjoxNjUzNjg0ODg2fQ.oiz5fY7_4J9uEB0TufgdDug9jjNxZb1sE4G-V3-xZBY
content-length: 85
content-type: application/x-www-form-urlencoded
origin: https://web.postman.co
pm-h0: Content-Type=application/x-www-form-urlencoded, Authorization=Basic ZGFuYWxvY2std2ViOiIi, User-Agent=PostmanRuntime/7.29.0, Accept=*/*, Cache-Control=no-cache, Postman-Token=a574b6ad-6cdb-47de-9e27-316418cc8104, Host=api.danalock.com, Accept-Encoding=gzip%2C deflate%2C br, Connection=keep-alive
pm-o0: method=POST, timings=true, timeout=180000, rejectUnauthorized=true
pm-u: https://api.danalock.com/oauth2/token
referer: https://web.postman.co/workspace/4c634a3c-b884-400f-87a1-0a93981c7182/collection/21161519-1f5fb1ef-92d9-4145-b42d-73fd4763fdf6?ctx=documentation
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="101", "Google Chrome";v="101"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Header Answer
access-control-allow-credentials: true
access-control-allow-origin: https://web.postman.co
access-control-expose-headers: pm-e, pm-h0, pm-h1, pm-h2, pm-h3, pm-o0, pm-o1, pm-o2, pm-o3
content-encoding: gzip
content-security-policy: default-src 'none'
content-type: application/json
date: Fri, 27 May 2022 20:25:16 GMT
pm-h0: Date=Fri%2C 27 May 2022 20:25:16 GMT, Content-Type=application/json, Content-Length=212, Connection=keep-alive, Access-Control-Allow-Credentials=true, Access-Control-Allow-Headers=Content-Type%2C Authorization%2C X-Assume-User, Access-Control-Allow-Methods=GET%2C POST%2C DELETE%2C PUT%2C PATCH%2C HEAD, Access-Control-Allow-Origin=*, Access-Control-Expose-Headers=X-Page%2C X-Pages%2C X-PerPage%2C X-TotalRecords%2C mode, Cache-Control=no-cache%2C no-store%2C must-revalidate, Expires=0, Server=nginx, Vary=Origin
pm-o0: statusCode=400, statusMessage=Bad Request, httpVersion=1.1, timings=wait:0.099|dns:3.482|tcp:2.623|tls:201.329|request:0.104|firstByte:218.908, session={"id":"43966a40-4a99-45b7-a5a8-ad5a7c5169ac"%2C"reused":false%2C"data":{"addresses":{"local":{"address":"172.17.0.2"%2C"family":"IPv4"%2C"port":43630}%2C"remote":{"address":"99.83.133.6"%2C"family":"IPv4"%2C"port":443}}%2C"tls":{"reused":false%2C"authorized":true%2C"authorizationError":null%2C"cipher":{"name":"ECDHE-RSA-AES128-GCM-SHA256"%2C"standardName":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"%2C"version":"TLSv1.2"}%2C"protocol":"TLSv1.2"%2C"ephemeralKeyInfo":{"type":"ECDH"%2C"name":"prime256v1"%2C"size":256}%2C"peerCertificate":{"subject":{"commonName":"*.danalock.com"%2C"alternativeNames":"DNS:*.danalock.com%2C DNS:ekey-backend-prod.pre-prod.danalock.com%2C DNS:*.danalockservices.com%2C DNS:ekey.poly-control.com"}%2C"issuer":{"country":"US"%2C"organization":"Amazon"%2C"organizationalUnit":"Server CA 1B"%2C"commonName":"Amazon"}%2C"validFrom":"May 2 00:00:00 2022 GMT"%2C"validTo":"May 31 23:59:59 2023 GMT"%2C"fingerprint":"1A:56:EC:0A:64:86:BF:18:69:E1:3C:27:00:E3:C7:39:EA:96:BD:86"%2C"serialNumber":"09209FF8A6246AA5BA3A4E22CB3D37CA"}}}}
referrer-policy: origin
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
And finaly the same message
{"error":"invalid_request","message":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.","hint":"one time password"}