0👍
Like @Eyeslandic pointed out, your title is misleading, you have an OAuth or OAuth2 problem not a link problem.
If I can guess correctly you are getting a Get response (the token is in the link) and you want it to be a post response (the token in the request body) … Are you using passport.js ? Must be a matter of configuration.
There is nothing wrong with receiving the token in the link, OAuth protocols are secure enough, whether it’s a Get or a Post response.
If you want to read the token from the link, check this answer.
login.get('/p', function(req, res) {
const token = req.query.theReturnedTokenNameInTheLink
res.send("My token is " + token);
});
And the token is just a key that give you access to the host (github, google, facebook …) Api, you should make another request to those API’s, in order to get the user data, you could use a library like passport.js to simplify things, here is one of the tutorials, I found on how to use passport.js
Good luck.