Trying to follow this guide: https://www.zoho.com/invoice/api/v3/oauth/#overview for generating a token, but I can't get it to work.

I am doing the following:

1. https://api-console.zoho.com/

2. Add client server based application

3. Add in the details

4. Get the __CLIENT_ID__ and __CLIENT_SECRET__

GET request in chrome browser to:

I click accept to allow the integration

It redirect to a URL like this:

curl -X POST https://accounts.zoho.com/oauth/v2/token?client_id=__CLIENT_ID__&grant_type=authorization_code&client_secret=__CLIENT_SECRET__&redirect_uri=https://www.example.com&code=__CODE__1000

But it always returns {"error":"invalid_client"}. If the client was invalid, why did it pass Step 2? Is the error message incorrect? On the forum (https://help.zoho.com/portal/en/community/topic/error-invalid-clientthey)  say attach client_id/client_secret/code etc as headers, but the help docs show it as query params. Its hard to know which way to use, since API3 might be different. So should they be added as headers, query params, or as payload data? Can someone show a working curl (convert PHP code to actual curl) example of step 3 in the docs? Dost it require a cookie to be set from the browser, and hence step 3 most occur from a browser (I don't think so, but I have tried many things for hours)?

Note: I tried to convert PHP code to actual curl reponse but there are missing variable assignments.