The Resource Owner Password Credentials grant uses the resource owner’s password to obtain an access token, and then discards the password. Optionally, a refresh token is also sent.
|OAuth 2 Flow||Sets the OAuth 2.0 method to use.|
|Resource Owner Name||The name of the resource owner.|
|Resource Owner Password||The password of the resource owner.|
|Client Identification||An alphanumeric string used to identify the client.|
|Client Secret||The secret string the client will use.|
(For Azure only) The App ID URI of the web service.
|Access Token URL||The URL to get an access token from.|
|Apply Client JWT Assertion||Select if you need to include JSON Web Token (JWT) assertion to the authorization request.|
Is available if you selected Apply Client JWT Assertion.
Specifies the JSON Web Token (JWT) that will be included in the authorization request as a JWT assertion. You can specify it manually or generate it.
|Generate JWT||Is available if you selected Apply Client JWT Assertion.
Click it to generate a JSON Web Token. The generated token will be written to the JWT Assertion field. See Generating JSON Web Token.
|Scope||The full scope string defining the requested permissions.|
|Use Nonce||Select to generate a unique string for each request. It allows the server to verify that a request has never been made before and helps prevent replay attacks.|
|Use Authorization Header||Select to send client credentials in the request header. Otherwise, the credentials are sent in the request body.|
|Get Access Token||Click this button to retrieve the access token.|
|Automation||Click this button to open the Automated Token Profile editor.|