Type: Change Request
Status: Applied (View Workflow)
Resolution: Persuasive with Modification
After obtaining an authorization code, the app trades the code for an access token via HTTP POST to the EHR authorization server's token endpoint URL, using content-type application/x-www-form-urlencoded, as described in section* 4.1.3 of RFC6749.*
Suggest to refer to OAuth2.1 instead of deeplinking into OAuth2.1 requirements.