I guess there are messed up parameters again. Like client_id should be Client-ID etc., but I don’t know which are right as far as there is nothing in the documentation.
Did you ever figure this out? I am getting “message”: “The parameter “grant_type” was malformed: value must be one of “authorization_code”, “password””. Is using the Refresh_Token not supported? Then why make OAuth tokens invalid after 240 minutes?