Skip to content

Latest commit

 

History

History
30 lines (27 loc) · 1.93 KB

133_password-credentials-flow.md

File metadata and controls

30 lines (27 loc) · 1.93 KB
Raw

Password Credentials Flow

RFC reference

flow

  • Get tokens using Password Credentials Flow. 
    curl --location --request POST 'http://localhost:8080/services/oauth2/{organization-id}/{project-id}/token?grant_type=password&username={username}&password={password}&scope={scopes}&client_id={id}&client_secret={secret}' \
--header 'Content-Type: application/x-www-form-urlencoded'
  1. User enters client and user credentials.
  2. Client application sends POST request above with client and user credentials.
  3. iam-service verifies organization / project, client and user credentials.
  4. iam-service issues tokens if verification above is successful.
  5. tokens are provided to client application.
  6. login procedure is complete.
  7. Token Verification process, back channel.
  8. client application use access_token to access resources.
  9. Refresh Tokens flow.

Test in Postman or Insomnia

Name Value
Grant Type Password Credentials
Access Token URL http://localhost:8080/services/oauth2/iam-admins/iam-admins/token
Username admin
Password secret
Client ID admin-client
Client Secret top-secret
Scope ""