At times we see issues with VPP tokens not retrieving data correctly, you can manually validate the VPP token using the steps below.
Using an API client such as Postman (https://www.getpostman.com/) or Insomnia (https://insomnia.rest/)
You need a VPP stoken, open it up in notepad and copy the value
The JSON payload will look like below (token):
{"sToken":"ewogICAgImV4cERhdGUiOiAiMjAxOS0xMC0zMFQyMjozNjozMi0wNzAwIiwKICAgICJvcmdOYW1lIjogIkV4YW1wbGUgT3JnIiwKICAgICJ0b2tlbiI6ICJENjFRNFhldjdhYmMxMjM0NTY3ODg5OTBIaHRpS1Rob0E9PSIKfQ=="}
I am using Insomnia in my example.
Create a new POST request and add Content-Type application/json into the headers
Add a JSON body and add the sToken payload in the format below.
Successful response from Apple
Note this is a test location with no apps in it, real request will return an inventory of apps.
VPP API is documented here: Device Management | Apple Developer Documentation