The resource owner password credentials authorization contains a single request + response.
The
The
The
Resource Owner Password Credentials Grant Request
The request contains the following parameters:grant_type |
Required. Must be set to password |
username |
Required. The username of the resource owner, UTF-8 encoded. |
password |
Required. The password of the resource owner, UTF-8 encoded. |
scope |
Optional. The scope of the authorization. |
Resource Owner Password Credentials Grant Response
The response is a JSON structure containing the access token. The JSON structure looks like this:{ "access_token" : "...",
"token_type" : "...",
"expires_in" : "...",
"refresh_token" : "...",
}
The access_token property is the access token as assigned by the authorization server.
The
token_type property is a type of token assigned by the authorization server.
The
expires_in property is a number of seconds after which the access token expires, and
is no longer valid. Expiration of access tokens is optional.
The
refresh_token property contains a refresh token in case the access token can expire.
The refresh token is used to obtain a new access token once the one returned in this response
is no longer valid.
