I’m trying to make use of certain API endpoints like this one, but I’m having trouble getting a User Access Token.
In previous versions of the API, this could all be done on a local machine via API calls. It seems like the only way to get a User Access Token now is to have a publicly accessible redirect_uri that uses the HTTPS protocol. Is this correct?
If so, this severely inhibits my development process and forces me to pay for a web server just to go through basic development.
If neither of these are an option for you, you can still use the Authorization Code flow by doing the “OAuth Dance” once until you have a token/refreshToken pair, which you can save and then use with the Token Refresh Endpoint once the token expires
In addition to the ideas above you can use a reverse tunneling system to provide SSL
A quick start method for this is NGROK https://ngrok.com/ personally I use my live Server and Reverse SSH my local system to it so my live server handles SSL termination.
Then my development environment is more similar to live so testing and development is more realistic to the expected/live environment. For any cookie/session problems.