Resource Owner Password Credentials Grant
This endpoint exchanges the resource owner's credentials for an access token. It is highly advised to call it only from secure environments such as your application's backend.
Request Body
Your client id.
Make sure your client has the password grant type enabled in Dashboard > Clients > Details > Grant Types
For Resource Owner Credentials Grant this must be set to password
Value: password
End-User's identifier.
NOTE: This field may be misleading, as we did not want to override the protocol specification. Even though this field is named username, it may not be the End-User's username if identifier is set to a field other than username, such as email, phone_number, etc.
Audience of the access token to be generated.
Make sure your client is granted access to use this audience from Dashboard > Resources > [Your Resource] > Clients
If provided, user credentials will be checked against the provided connection.
NOTE: This will override the default connection set in the Dashboard.
Field name to look up user.
Make sure to set the username field according to this value.
For example: if identifier=email, set username to the End-User's email address.
Default Value: "email"
Response Body Schema
access_token string Required
Access token value in JWT string
expires_in number Required
Access token's expiration in seconds
id_token string
ID token value in JWT string, if generated.
refresh_token string
Refresh token value, if generated.
scope string
Final scopes granted to access token as space separated strings.
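The following backend-side sketch is an added example, not code from this documentation or its provider: it builds the request body for this grant and validates a decoded response against the schema above. The field names audience and connection, the form encoding (taken from RFC 6749) and all sample values are assumptions; username, identifier and the response fields are as named on this page.

```python
import time
from urllib.parse import urlencode

def build_password_grant_body(client_id, username, password,
                              identifier="email", audience=None, connection=None):
    """Form-encode a password-grant request body (encoding per RFC 6749, assumed)."""
    if not (client_id and username and password):
        raise ValueError("client_id, username and password are required")
    fields = {
        "grant_type": "password",   # fixed value for this grant
        "client_id": client_id,
        "username": username,       # must hold the value of the identifier field
        "password": password,       # never log or persist this value
        "identifier": identifier,   # default on this page: "email"
    }
    # Optional fields; the names "audience" and "connection" are assumed.
    if audience:
        fields["audience"] = audience
    if connection:
        fields["connection"] = connection
    return urlencode(fields)

def parse_token_response(payload, now=None):
    """Validate a decoded JSON response against the schema listed on this page."""
    token = payload.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("access_token missing or not a string")
    expires_in = payload.get("expires_in")
    # bool is a subclass of int in Python, so exclude it explicitly.
    if (isinstance(expires_in, bool) or not isinstance(expires_in, (int, float))
            or expires_in <= 0):
        raise ValueError("expires_in missing or not a positive number")
    for optional in ("id_token", "refresh_token", "scope"):
        if optional in payload and not isinstance(payload[optional], str):
            raise ValueError(optional + " must be a string when present")
    now = time.time() if now is None else now
    return {
        "access_token": token,
        "expires_at": now + expires_in,          # absolute expiry, epoch seconds
        "id_token": payload.get("id_token"),
        "refresh_token": payload.get("refresh_token"),
        "scopes": payload.get("scope", "").split(),  # space-separated list
    }

# Constructed sample values, not real credentials or tokens.
SAMPLE_BODY = build_password_grant_body(
    "client-123", "user@example.com", "correct horse",
    audience="https://api.example.com")
SAMPLE_RESPONSE = {"access_token": "aaa.bbb.ccc", "expires_in": 3600,
                   "scope": "openid profile"}
```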