Firstly, I'm starting to get the authentication request from client Rollbase side to an external system: GET ../api/oauth2/auth with URL parameters I can catch the authentication response and save it in a field in Rollbase Secondly I'm doing the token request POST ../api/oauth2/token with post data The repsonse is an access token which I can use to access the environment/ERP. I can do these steps from the client side with JQuery, the only challenge (for the second step/post step) is CORS (now I have a workaround to achieve this from client side). Normally, I want to do the POST from the Rollbase server with a rbv_api.sendHttpPost. The POST has also a redirect_uri and should be the place where the POST has been done. Otherwise I'll get a "Bad Request". Again, from the client side with exactly the same name/value pairs for the POST will work, but is not in a secure way. Do you have idea's/advices how we can implement this in a right and secure way? Continue reading...