Resource Owner Password Credentials



The resource owner password credentials grant consists of only one request and one response. This grant type is useful where the resource owner has a trust relationship with the client and no other authorization grant types are available.

The resource owner password credentials can be used directly as an authorization grant to obtain an access token. This grant type removes the need for the client to store the resource owner credentials for future use, by exchanging the credentials for an access token or a refresh token.

The resource owner password credentials grant request contains the following parameters −

  • grant_type − It is a required parameter whose value must be set to password.

  • username − It is a required parameter that specifies the resource owner username.

  • password − It is a required parameter that specifies the resource owner password.

  • scope − It is an optional parameter that specifies the scope of the request and authorization.

The resource owner password credentials grant response contains the following JSON structure.

{
   "access_token"  : ". . .",
   "token_type"    : ". . .",
   "expires_in"    : ". . .",
   "refresh_token" : ". . ."
}

  • access_token − It is a required parameter that holds the access token issued by the authorization server.

  • token_type − It is a required parameter which is assigned by the authorization server and specifies the type of token.

  • expires_in − It is a recommended parameter that specifies the duration of access token expiry.

  • refresh_token − It provides a refresh token, which is used to get a new access token with the same authorization grant if the access token expires.
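The request and response described above, as an added example that is not part of the original page: it form-encodes the grant request so that special characters in the password survive transport, and checks the response for the required parameters before the client uses it. The function names and all sample values are constructed for illustration.

```python
import json
from urllib.parse import urlencode

def build_token_request(username, password, scope=None):
    """Form-encode the body of the token request for this grant."""
    params = {"grant_type": "password", "username": username, "password": password}
    if scope:  # scope is optional, so it is only sent when given
        params["scope"] = scope
    # The body is sent as application/x-www-form-urlencoded; urlencode
    # percent-escapes '&', '=' and '+' so a password containing them is
    # not split into extra parameters or silently altered.
    return urlencode(params)

def parse_token_response(body):
    """Validate the JSON response against the parameters listed above."""
    data = json.loads(body)
    for required in ("access_token", "token_type"):
        if not isinstance(data.get(required), str) or not data[required]:
            raise ValueError(f"missing required parameter: {required}")
    expires_in = data.get("expires_in")  # recommended, so it may be absent
    if expires_in is not None:
        expires_in = int(expires_in)
        if expires_in <= 0:
            raise ValueError("expires_in must be a positive number")
    return {
        "access_token": data["access_token"],
        "token_type": data["token_type"],
        "expires_in": expires_in,
        "refresh_token": data.get("refresh_token"),
    }

# Constructed sample values, not real credentials or tokens.
SAMPLE_RESPONSE = json.dumps({
    "access_token": "constructed-access-token",
    "token_type": "bearer",
    "expires_in": 3600,
    "refresh_token": "constructed-refresh-token",
})

if __name__ == "__main__":
    print(build_token_request("johndoe", "p&ss=w+rd 1", scope="read"))
    token = parse_token_response(SAMPLE_RESPONSE)
    # After the exchange the client keeps only the tokens, not the password.
    print(token["token_type"], token["expires_in"])
```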
