Added example to use direct grant
This commit is contained in:
parent
76ef0ff856
commit
e472eededa
1 changed files with 18 additions and 0 deletions
|
@ -133,10 +133,28 @@ There are a number of limitations of using this flow, including:
|
||||||
* No support for identity brokering or social login
|
* No support for identity brokering or social login
|
||||||
* Flows are not supported (user self-registration, required actions, etc.)
|
* Flows are not supported (user self-registration, required actions, etc.)
|
||||||
|
|
||||||
|
For a client to be permitted to use the Resource Owner Password Credentials grant the client has to have `Direct Access Grants Enabled` enabled.
|
||||||
|
|
||||||
This flow is not included in OpenID Connect, but is a part of the OAuth 2.0 specification.
|
This flow is not included in OpenID Connect, but is a part of the OAuth 2.0 specification.
|
||||||
|
|
||||||
For more details refer to the https://tools.ietf.org/html/rfc6749#section-4.3[Resource Owner Password Credentials Grant] chapter in the OAuth 2.0 specification.
|
For more details refer to the https://tools.ietf.org/html/rfc6749#section-4.3[Resource Owner Password Credentials Grant] chapter in the OAuth 2.0 specification.
|
||||||
|
|
||||||
|
===== Example using CURL
|
||||||
|
|
||||||
|
The following example shows how to obtain an access token for a user in the realm `master` with username `user` and password `password`. The example is using
|
||||||
|
the confidential client `myclient`:
|
||||||
|
|
||||||
|
[source,bash]
|
||||||
|
----
|
||||||
|
curl \
|
||||||
|
-d "client_id=myclient" \
|
||||||
|
-d "client_secret=40cc097b-2a57-4c17-b36a-8fdf3fc2d578" \
|
||||||
|
-d "username=user" \
|
||||||
|
-d "password=password" \
|
||||||
|
-d "grant_type=password" \
|
||||||
|
"http://localhost:8080/auth/realms/master/protocol/openid-connect/token"
|
||||||
|
----
|
||||||
|
|
||||||
==== Client Credentials
|
==== Client Credentials
|
||||||
|
|
||||||
Client Credentials is used when clients (applications and services) wants to obtain access on behalf of themselves rather than on behalf of a user. This can
|
Client Credentials is used when clients (applications and services) wants to obtain access on behalf of themselves rather than on behalf of a user. This can
|
||||||
|
|
Loading…
Reference in a new issue