1. Create a Connected App in Salesforce.

I have disabled “Require Secret for Web Server Flow” so that the Consumer Secret is not required. For better security, please keep this enabled.

2. Send a GET request to get the Authorization Code.

3. Open the URL from the response and get the code. Do a POST Request for Access Token.