...
The format of the access token and error response objects is as described above for the Authorization Code Grant. However, no refresh token is supplied.
| Anchor | ||||
|---|---|---|---|---|
|
The Resource Owner Password Credentials flow allows client to obtain an access token using resource owner's credentials (username and password). The Password grant is one of the simplest OAuth grants and involves only one step: client uses resource owner's username and password to make POST request to the server to exchange password for access token. This authorization grant type requires that the application collect the user’s password.
...