Resource Owner Password Credentials Grant

In the resource owner password credentials grant, the EMS client (or EMS server) first authenticates itself to the OAuth 2.0 authorization server by presenting a client ID and client secret, then provides an EMS user and password for validation by the authorization server. If both authentication operations are successful, the authorization server issues an access token to the client.

Refresh tokens are supported with this grant type. If the authorization server issues a refresh token along with the requested access token, the EMS client (or EMS server) will use that refresh token instead of the grant for requesting the next access token. If it fails to obtain a new access token using the refresh token, it will try again using the grant.

This grant type has been deemed legacy and is expected to be removed in a future update to the OAuth 2.0 framework. It should only be used in situations where the client credentials grant type is not feasible.

Did you find this helpful?

Yes No