taco-authentication To avoid send request format not valid consider using oidcdebugger After gain authorize code, we can use it to exchange token.