Resource Owner Password Credentials Grant

OAuth 2 Flow

Sets the OAuth 2.0 method to use.

Resource Owner Name

The name of the resource owner.

Resource Owner Password

The password of the resource owner.

Client Identification

An alphanumeric string used to identify the client.

Client Secret

The secret string the client will use.

Resource

(For Azure only) The App ID URI of the web service.

Access Token URL

The URL to get an access token from.

Apply Client JWT Assertion

Select if you need to include JSON Web Token (JWT) assertion to the authorization request.

JWT Assertion

Is available if you selected Apply Client JWT Assertion.

Specifies the JSON Web Token (JWT) that will be included in the authorization request as a JWT assertion. You can specify it manually or generate it.

Generate JWT

Is available if you selected Apply Client JWT Assertion.

Click it to generate a JSON Web Token. The generated token will be written to the JWT Assertion field. See Generating JSON Web Token.

Scope

The full scope string defining the requested permissions.

Use Nonce

Select to generate a unique string for each request. It allows the server to verify that a request has never been made before and helps prevent replay attacks.

Use Authorization Header

Select to send client credentials in the request header. Otherwise, the credentials are sent in the request body.

Get Access Token

Click this button to retrieve the access token.

Automation

Click this button to open the Automated Token Profile editor.