We are trying to generate an access token for one of our clients using their username and password through the https://unityapi.webrootcloudav.com/auth/token endpoint. However, if the password contains an & symbol, we always receive the error message "Username or password is invalid”.
When testing with other accounts and passwords (not containing an & character), things work fine. We double checked and we are sending the password field (as any other field) properly URL encoded. My only guess is that the receiving API server is not decoding these values correctly.
Would you be able to confirm this a problem on your end or is there something we need to check again?
Thanks for any help.