ShipScript has been an eBay Community volunteer since 2003, specializing in HTML, CSS, Scripts, Photos, Active Content, Technical Solutions, and online Seller Tools.
I've posted a working production example of OAuth for client credentials, running on PHP, that will both retrieve and refresh a token.
To use this token method, you will need two values from your account settings.
https://www.developer.ebay.com/my/keys
They are Client ID (App ID) and Client Secret (Cert ID). Those don't change unless you force an updated Client Secret, so you can use those keys indefinitely. They must be base64-encoded when passed in the "Authorization" field of the header (as correctly shown in your post).
Your post is using a grant type of "client_credentials" which means you won't be accessing private account data. Your application is the "client" and can only make calls to APIs that return publicly available data (like my shopping API example).
eBay will return a token in response to your call, and that token will have a limited duration, so you may need to refresh the token. So start with an empty token file, and when eBay sends you a token, based on your credentials, save that token to a file and use it for calls to eBay's public-data APIs. When the token expires, request a new token and continue.
@salsha7566 wrote:"error": "invalid_client"
Are you using the correct key set for the sandbox?
Is there a colon joining your keys prior to base64 encoding?
I am not familiar with Postman, so can't tell if the content is formatted correctly.
While you can test OAuth outside of any other API, you won't be able to use the public scope for accessing Order details, since that accesses the user account data. You'll need to add more scopes, separated by spaces.
I have limited experience with only a few APIs, so perhaps @five_notch_trading_post can offer more suggestions.
