Applies to ReadyAPI 2.7, last modified on June 25, 2019

The Resource Owner Password Credentials grant uses the resource owner’s password to obtain an access token, and then discards the password. Optionally, a refresh token is also sent.

OAuth 2.0: Resource Owner Password Credentials grant
OAuth 2.0 Azure: Resource Owner Password Credentials grant
Option Description
OAuth 2 Flow Sets the OAuth 2.0 method to use.
Resource Owner Name The name of the resource owner.
Resource Owner Password The password of the resource owner.
Client Identification An alphanumeric string used to identify the client.
Client Secret The secret string the client will use.
Resource (For Azure only) The App ID URI of the web service.
Access Token URL The URL to get an access token from.
Apply Client JWT Assertion Select if you need to include JSON Web Token (JWT) assertion to the authorization request.
JWT Assertion Is available if you selected Apply Client JWT Assertion.
Specifies the JSON Web Token (JWT) that will be included in the authorization request as a JWT assertion. You can specify it manually or generate it.
Generate JWT Is available if you selected Apply Client JWT Assertion.
Click it to generate a JSON Web Token. The generated token will be written to the JWT Assertion field. See Generating JSON Web Token.
Scope The full scope string defining the requested permissions.
Use Nonce Select to generate a unique string for each request.
Use Authorization Header Select to send client credentials in the request header. Otherwise, the credentials are sent in the request body.
Get Access Token Click this button to retrieve the access token.
Automation Click this button to open the Automated Token Profile editor.

See Also

Authorization Code Grant
Client Credentials Grant
Implicit Grant
OAuth 2.0 Grant Types

Highlight search results