I'm building a SPA using AngularJS for the client side and the login information is being sent to a ASP.NET WebAPI as an AJAX post. Request Headers: Http: //mySite/api/login Content-Type: application/x-www-form-urlencoded Content-Length: 76 username=steve123%40gmail.com%2C&password=Test222%2C&grant_type=password All of this works fine running on my local machine, but when I deploy it to Everleap server, it returns {"error":"invalid_grant"} I've read that this might have something to do with the server's system clock. Anyone have any experience with this issue?