What is the purpose of grant_type parameter in OAuth 2 Authentication

The grant_type URL parameter is required by OAuth2 RFC for the /token endpoint, which exchanges a grant for real tokens. So the OAuth2 server knows what you are sending to it. You are using the Resource Owner Password Credentials Grant, so you must specify it with the value password.

From the OAuth2 RFC:

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token.

The grant_type=password means that you are sending a username and a password to the /token endpoint. If you used the Authorization Code Grant flow, you could use the value authorization_code. But then you don't send the username+password pair, but a code received from the OAuth2 server after user authentication. The code is an arbitrary string - not human readable. It's nicely shown in the workflow diagrams in the RFC.

Tags:

Oauth 2.0

Laravel

Lumen

Related

How to add a gesture detector to a view in Android Android Wi-Fi Scan: Filter printers from ScanResult What do the Stream reduce() requirements exactly entail? In Vue.js how do I write custom filters in separate file and use them in various components by declaring in main.js? convert hex to binary in javascript How to avoid bind or inline arrow functions inside render method What happens when you assign the value of one variable to another variable in Python? How can I merge the last two commits? Using JSONEncoder to encode a variable with Codable as type what is the difference between a stateful and a stateless lambda expression? SequelizeConnectionError: Client does not support authentication protocol requested by server; consider upgrading MariaDB client Keycloak angular No 'Access-Control-Allow-Origin' header is present

Recent Posts