Skip to content

Avoiding client id and client secret in password grant type #10

Description

@jitchavan

Currently password credentials grant type required client id and client secret. can we skip this in password grant type flow as it is not required in our case?

curl -u testclient:testpass "http://oauth-server.example.com/oauth2/PasswordCredentials" -d 'grant_type=password&username=someuser&password=somepassword'
{"access_token":"206c80413b9a96c1312cc346b7d2517b84463edd","expires_in":3600,"token_type":"bearer","scope":null}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions