February 2019
Intermediate to advanced
446 pages
10h 55m
English
In this flow, the client provides their own credentials and retrieves the access token. It does not use the resource owner's credentials and permissions.
As you can see in the following screenshot, we directly enter the token endpoint with only two parameters: grant_type and scope. The authorization header is added using client_id and client secret (you can use HTTP or HTTPS, based on the configuration):

You can use the access token in a similar way to how it is explained for the authorization code grant.
Read now
Unlock full access