These changes include:
1. Replacing the app token with a standard authorization barrier.
2. Changing the response body in the OAuth request by wrapping the endpoint link with a structure instead of placing it in the callback payload data.
Create a middleware app access token, so that all requests must include `access_token` in the header with a value equal
to API_KEY in the .env file. If not, a `403 Forbidden` error will be returned.
