/oauth2/token

Once a user has authorized the client application and they are redirected, the client application can use the token endpoint to get an access token. Access tokens are then used to access protected resources.