Testing accepting access token in HTTP Authorization header and POST body. This should not create a post