You could get the real access token via the normal login flow, then invalidate it using an API call[1] or by uninstalling the app from your ...
Lee mas