CINXE.COM

Implement authorization by grant type | Okta Developer

<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1"> <title>Implement authorization by grant type | Okta Developer</title> <meta name="generator" content="VuePress 1.9.8"> <link rel="stylesheet" href="https://static.cloud.coveo.com/searchui/v2.8959/14/css/CoveoFullSearch.min.css" integrity="sha512-DzuDVtX/Dud12HycdAsm2k9D1UQ8DU7WOj7cBRnSsOKQbKfkI94g0VM9hplM0BkQ0VXdDiQYU9GvUzMmw2Khaw==" crossorigin="anonymous"> <script class="coveo-script" src="https://static.cloud.coveo.com/searchui/v2.8959/14/js/CoveoJsSearch.Lazy.min.js" integrity="sha512-RV1EooPduQhwl0jz+hmjBw/nAtfeXNm6Dm/hlCe5OR1jAlG4RErUeYfX1jaaM88H8DiyCJDzEWZkOR0Q13DtrA==" crossorigin="anonymous" defer="true"></script> <script src="https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js"></script> <link rel="apple-touch-icon" sizes="180x180" href="/favicon/favicon.png"> <link rel="icon" type="image/png" href="/favicon/favicon.png"> <link rel="icon" type="image/svg" sizes="32x32" href="/favicon/favicon.svg"> <link rel="icon" type="image/svg" sizes="16x16" href="/favicon/favicon.svg"> <link rel="manifest" href="/favicon/manifest.json"> <link rel="mask-icon" href="/favicon/favicon.png"> <link rel="preload" href="https://use.typekit.net/osg6paw.css" as="style" crossorigin="true"> <link rel="stylesheet" href="https://use.typekit.net/osg6paw.css" crossorigin="true"> <meta name="msapplication-config" content="/favicon/browserconfig.xml"> <meta http-equiv="XA-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script> window.dataLayer = window.dataLayer || []; var isProduction = window.location.hostname === 'developer.okta.com'; if (isProduction) { // START Google Tag Manager - main container (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-KXMLV58'); // END Google Tag Manager } </script> <meta name="description" content="Secure, scalable, and highly available authentication and user management for any app."> <meta name="msapplication-config" content="/favicon/browserconfig.xml"> <meta http-equiv="XA-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="https://developer.okta.com/docs/guides/implement-grant-type/ropassword/main/" rel="canonical" /> <link rel="preload" href="/assets/css/2.styles.916c88f2.css" as="style"><link rel="preload" href="/assets/js/app.8d18bbef.js" as="script"><link rel="preload" href="/assets/js/185.c681fd7f.js" as="script"><link rel="preload" href="/assets/js/187.158c23d4.js" as="script"><link rel="preload" href="/assets/js/65.d1132cc4.js" as="script"><link rel="preload" href="/assets/js/225.45dd681b.js" as="script"><link rel="preload" href="/assets/js/188.7802dab9.js" as="script"><link rel="preload" href="/assets/js/219.321ff151.js" as="script"><link rel="preload" href="/assets/js/80.6ed389a3.js" as="script"><link rel="preload" href="/assets/js/204.a717d129.js" as="script"><link rel="preload" href="/assets/js/206.c32c8d9a.js" as="script"><link rel="preload" href="/assets/js/216.08cb65a0.js" as="script"><link rel="preload" href="/assets/js/81.b90fa567.js" as="script"><link rel="preload" href="/assets/js/210.8b5a03b4.js" as="script"><link rel="preload" href="/assets/js/195.76e2f625.js" as="script"><link rel="preload" href="/assets/js/220.2c485c69.js" as="script"><link rel="preload" href="/assets/js/202.5c8678e1.js" as="script"><link rel="preload" href="/assets/js/5.4dbcc072.js" as="script"><link rel="preload" href="/assets/js/259.04c1dca9.js" as="script"><link rel="preload" href="/assets/js/906.d0acd127.js" as="script"><link rel="preload" href="/assets/js/235.7785cb7b.js" as="script"><link rel="preload" href="/assets/js/905.7d8ca548.js" as="script"><link rel="preload" href="/assets/js/907.1b86b839.js" as="script"><link rel="preload" href="/assets/js/901.fcbf9921.js" as="script"><link rel="preload" href="/assets/js/899.7a87feba.js" as="script"><link rel="preload" href="/assets/js/909.f6564977.js" as="script"><link rel="preload" href="/assets/js/908.c17200f3.js" as="script"><link rel="preload" href="/assets/js/903.fef5ff34.js" as="script"><link rel="preload" href="/assets/js/910.310e7ccb.js" as="script"><link rel="preload" href="/assets/js/900.212667ac.js" as="script"><link rel="preload" href="/assets/js/904.632f45ea.js" as="script"><link rel="preload" href="/assets/js/205.2b78ea63.js" as="script"><link rel="preload" href="/assets/js/191.c4d08a47.js" as="script"><link rel="preload" href="/assets/js/64.2aa9ad79.js" as="script"><link rel="preload" href="/assets/js/215.a532e816.js" as="script"> <link rel="stylesheet" href="/assets/css/2.styles.916c88f2.css"> </head> <body> <div id="app" data-server-rendered="true"><div class="layout"><div class="fixed-header"><div class="header-banner" style="display:none;" data-v-3d4eeb36><div class="header-banner-content" data-v-3d4eeb36><p data-v-3d4eeb36> Check out our new and improved <a href="https://developer.okta.com/docs/api/" target="_blank" data-v-3d4eeb36> API documentation! ↗ </a></p></div> <!----></div> <header class="page-header"><a href="/" class="header--logo"><img src="/img/logotype.svg" width="180" height="28" alt="Okta developer logotype"></a> <div class="menu--slideout"><div class="search--slideout opened"><div class="search--wrapper"><div data-search-bar data-pipeline="developer-okta-com" class="SearchBox"><div class="search--form"><div class="CoveoOmnibox"></div></div> <div class="CoveoAnalytics"></div></div></div></div> <div class="header--links"><ul class="menu--items menu--desktop"><li index="0" class="expandable"><span class="link link--small link--semi-bold">Community</span> <ul class="submenu--items"><li><a href="https://devforum.okta.com" target="_blank" rel="noopener noreferrer" class="link link--small link--semi-bold link--black"><span>Forum</span></a> <!----></li><li><div class="menu--divider"></div> <!----></li><li><div class="menu--icons"><a href="https://github.com/oktadev" target="_blank" rel="noopener noreferrer" class="menu--icon"><i><svg width="19" height="18" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.214 4.595a9.185 9.185 0 00-3.358-3.358C12.443.412 10.9 0 9.226 0 7.552 0 6.008.412 4.595 1.237a9.184 9.184 0 00-3.358 3.358C.412 6.008 0 7.552 0 9.225c0 2.01.587 3.818 1.76 5.424 1.173 1.606 2.689 2.717 4.546 3.333.217.04.377.012.48-.084a.47.47 0 00.157-.36l-.006-.649c-.004-.408-.006-.764-.006-1.069l-.276.048a3.52 3.52 0 01-.667.042 5.092 5.092 0 01-.835-.084 1.866 1.866 0 01-.805-.36 1.524 1.524 0 01-.528-.739l-.12-.276a3.003 3.003 0 00-.379-.613c-.172-.224-.346-.376-.522-.456l-.084-.06a.882.882 0 01-.156-.144.66.66 0 01-.108-.169c-.025-.056-.005-.102.06-.138.064-.036.18-.054.348-.054l.24.036c.16.032.358.128.595.289.236.16.43.368.582.624.185.328.407.579.667.75.26.173.522.26.787.26.264 0 .492-.021.684-.06.192-.04.373-.101.541-.181.072-.537.268-.95.588-1.238a8.224 8.224 0 01-1.23-.216 4.896 4.896 0 01-1.13-.468 3.233 3.233 0 01-.967-.805c-.256-.32-.466-.741-.63-1.261-.165-.521-.247-1.122-.247-1.802 0-.97.317-1.794.95-2.475-.297-.729-.269-1.545.083-2.45.233-.073.577-.018 1.033.162.457.18.791.334 1.004.462.212.128.382.237.51.325a8.53 8.53 0 012.307-.313 8.53 8.53 0 012.306.313l.457-.289c.312-.192.68-.368 1.104-.528.425-.16.75-.204.974-.132.36.905.392 1.721.096 2.45.632.68.949 1.506.949 2.475 0 .68-.082 1.283-.246 1.808-.164.524-.377.944-.637 1.26a3.36 3.36 0 01-.973.8 4.916 4.916 0 01-1.13.468 8.208 8.208 0 01-1.23.217c.416.36.624.929.624 1.705v2.535c0 .144.05.264.15.36.1.096.258.124.475.084 1.858-.617 3.373-1.728 4.547-3.333 1.173-1.606 1.76-3.414 1.76-5.424-.001-1.673-.414-3.217-1.238-4.63z"/></svg></i></a><a href="https://twitter.com/OktaDev" target="_blank" rel="noopener noreferrer" class="menu--icon"><i><svg width="18" height="18" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M9 0a9.001 9.001 0 000 18A9.001 9.001 0 009 0zm4.11 7.017c.003.089.005.178.005.267 0 2.73-2.078 5.878-5.877 5.878a5.847 5.847 0 01-3.167-.928 4.144 4.144 0 003.058-.856A2.068 2.068 0 015.2 9.943a2.056 2.056 0 00.934-.035 2.066 2.066 0 01-1.657-2.051c.278.154.597.247.935.258a2.064 2.064 0 01-.64-2.758A5.865 5.865 0 009.03 7.515a2.066 2.066 0 013.52-1.884c.47-.092.913-.264 1.312-.5a2.074 2.074 0 01-.909 1.142 4.12 4.12 0 001.187-.326 4.2 4.2 0 01-1.03 1.07z"/></svg></i></a><a href="https://www.youtube.com/channel/UC5AMiWqFVFxF1q9Ya1FuZ_Q/featured" target="_blank" rel="noopener noreferrer" class="menu--icon"><i><svg width="18" height="18" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M7.879 10.372l2.928-1.686L7.878 7v3.372z"/><path d="M9 0a9.001 9.001 0 000 18A9.001 9.001 0 009 0zm5.624 9.009s0 1.825-.232 2.705a1.41 1.41 0 01-.991.992c-.88.231-4.401.231-4.401.231s-3.511 0-4.4-.24a1.41 1.41 0 01-.992-.992C3.376 10.835 3.376 9 3.376 9s0-1.825.232-2.705c.13-.482.519-.871.991-1.001C5.48 5.062 9 5.062 9 5.062s3.52 0 4.4.241c.482.13.862.51.992.992.241.88.232 2.714.232 2.714z"/></svg></i></a></div> <!----></li></ul></li><li index="1"><a href="https://developer.okta.com/blog/" target="_blank" rel="noopener noreferrer" class="link link--small link--semi-bold"><span>Blog</span></a> <!----></li><li index="2"><a href="https://www.okta.com/pricing/#customer-identity-products" target="_blank" rel="noopener noreferrer" class="link link--small link--semi-bold"><span>Pricing</span></a> <!----></li></ul> <ul class="menu--items menu--desktop"><li index="0"><a href="https://www.okta.com/" target="_blank" rel="noopener noreferrer" class="link link--small link--semi-bold"><span>Okta.com</span></a> <!----></li><li index="1"><a href="/login/" target="_blank" rel="noopener noreferrer" class="link link--small link--semi-bold"><span>Log in</span></a> <!----></li></ul> <ul class="menu--items menu--mobile"><!----> </ul></div></div> <div class="flex align-items-center"><a href="/signup/" class="sign-up--button"> Sign up </a> <div class="mobile--toggles"><div class="mobile--toggle"><span></span> <span></span> <span></span></div></div> <label class="toggle-switch switch-theme"><span class="light-mode active"><img src="/img/icons/mode-light.svg" width="16" height="16" aria-hidden="true" alt></span> <span class="dark-mode"><img src="/img/icons/mode-dark-not-active.svg" width="12" height="13" aria-hidden="true" alt></span></label></div></header> <div class="header-nav"></div></div> <div class="page-body"><div class="content"><div class="content--container"><!----> <div class="content-area col-xl-10 col-lg-10 col-md-12 col-sm-12"><div class="breadcrumb"><div class="breadcrumb--container"><ol></ol></div></div> <div class="stack-selector no-snippet" data-v-1c8db59a><div class="selector-control" data-v-1c8db59a><span class="instructions-label" data-v-1c8db59a> Instructions for </span> <nav class="select-dropdown" data-v-1c8db59a><div dir="auto" class="v-select vs--single vs--searchable" data-v-1c8db59a> <div id="vs48__combobox" role="combobox" aria-expanded="false" aria-owns="vs48__listbox" aria-label="Search for option" class="vs__dropdown-toggle"><div class="vs__selected-options"><span class="vs__selected"><i class="icon ropassword" data-v-1c8db59a></i><span class="framework" data-v-1c8db59a>Resource Owner Password</span> <!----></span> <input aria-autocomplete="list" aria-labelledby="vs48__combobox" aria-controls="vs48__listbox" type="search" autocomplete="off" value="" class="vs__search"></div> <div class="vs__actions"><button type="button" title="Clear Selected" aria-label="Clear Selected" class="vs__clear" style="display:none;"><svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"><path d="M6.895455 5l2.842897-2.842898c.348864-.348863.348864-.914488 0-1.263636L9.106534.261648c-.348864-.348864-.914489-.348864-1.263636 0L5 3.104545 2.157102.261648c-.348863-.348864-.914488-.348864-1.263636 0L.261648.893466c-.348864.348864-.348864.914489 0 1.263636L3.104545 5 .261648 7.842898c-.348864.348863-.348864.914488 0 1.263636l.631818.631818c.348864.348864.914773.348864 1.263636 0L5 6.895455l2.842898 2.842897c.348863.348864.914772.348864 1.263636 0l.631818-.631818c.348864-.348864.348864-.914489 0-1.263636L6.895455 5z"></path></svg></button> <svg xmlns="http://www.w3.org/2000/svg" width="14" height="10" role="presentation" class="vs__open-indicator"><path d="M9.211364 7.59931l4.48338-4.867229c.407008-.441854.407008-1.158247 0-1.60046l-.73712-.80023c-.407008-.441854-1.066904-.441854-1.474243 0L7 5.198617 2.51662.33139c-.407008-.441853-1.066904-.441853-1.474243 0l-.737121.80023c-.407008.441854-.407008 1.158248 0 1.600461l4.48338 4.867228L7 10l2.211364-2.40069z"></path></svg> <div class="vs__spinner" style="display:none;">Loading...</div></div></div> <ul id="vs48__listbox" role="listbox" style="display:none;visibility:hidden;"></ul> </div></nav></div> <!----></div> <div class="mobile-on-this-page"><h3 class="mobile-header"> On this page </h3> <div dir="auto" class="v-select vs--single vs--unsearchable"> <div id="vs49__combobox" role="combobox" aria-expanded="false" aria-owns="vs49__listbox" aria-label="Search for option" class="vs__dropdown-toggle"><div class="vs__selected-options"><span class="vs__selected"> Grant-type flow <!----></span> <input readonly="readonly" aria-autocomplete="list" aria-labelledby="vs49__combobox" aria-controls="vs49__listbox" type="search" autocomplete="off" value="" class="vs__search"></div> <div class="vs__actions"><button type="button" title="Clear Selected" aria-label="Clear Selected" class="vs__clear" style="display:none;"><svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"><path d="M6.895455 5l2.842897-2.842898c.348864-.348863.348864-.914488 0-1.263636L9.106534.261648c-.348864-.348864-.914489-.348864-1.263636 0L5 3.104545 2.157102.261648c-.348863-.348864-.914488-.348864-1.263636 0L.261648.893466c-.348864.348864-.348864.914489 0 1.263636L3.104545 5 .261648 7.842898c-.348864.348863-.348864.914488 0 1.263636l.631818.631818c.348864.348864.914773.348864 1.263636 0L5 6.895455l2.842898 2.842897c.348863.348864.914772.348864 1.263636 0l.631818-.631818c.348864-.348864.348864-.914489 0-1.263636L6.895455 5z"></path></svg></button> <svg xmlns="http://www.w3.org/2000/svg" width="14" height="10" role="presentation" class="vs__open-indicator"><path d="M9.211364 7.59931l4.48338-4.867229c.407008-.441854.407008-1.158247 0-1.60046l-.73712-.80023c-.407008-.441854-1.066904-.441854-1.474243 0L7 5.198617 2.51662.33139c-.407008-.441853-1.066904-.441853-1.474243 0l-.737121.80023c-.407008.441854-.407008 1.158248 0 1.600461l4.48338 4.867228L7 10l2.211364-2.40069z"></path></svg> <div class="vs__spinner" style="display:none;">Loading...</div></div></div> <ul id="vs49__listbox" role="listbox" style="display:none;visibility:hidden;"></ul> </div></div> <div class="page-title"><h1 class="page-title--title"><!----> Implement authorization by grant type </h1></div> <div class="content__default"><div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><p>This guide explains how to implement a Resource Owner Password flow for your app with Okta.</p> <hr> <h4 id="learning-outcomes">Learning outcomes <a href="#learning-outcomes" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h4> <ul><li>Understand the OAuth 2.0 Resource Owner Password flow.</li> <li>Set up your app with the Resource Owner Password grant type.</li> <li>Implement the Resource Owner Password flow in Okta.</li></ul> <h4 id="what-you-need">What you need <a href="#what-you-need" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h4> <ul><li><a href="https://developer.okta.com/signup" target="_blank" rel="noopener noreferrer">Okta Developer Edition organization<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a></li> <li>An app that you want to implement OAuth 2.0 authorization with Okta</li></ul> <blockquote><p><strong>Note</strong>: <a href="/signup/">Okta's Developer Edition</a> makes most key developer features available by default for testing purposes. Okta's <a href="/docs/concepts/api-access-management/">API Access Management</a> product — a requirement to use <a href="/docs/concepts/auth-servers/#custom-authorization-server">Custom Authorization Servers</a> — is an optional add-on in production environments.</p></blockquote></div></aside></div> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"></div></aside></div> <hr> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><h2 id="about-the-resource-owner-password-grant">About the Resource Owner Password grant <a href="#about-the-resource-owner-password-grant" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h2> <p>The Resource Owner Password flow isn’t a recommended approach. It’s intended for applications for which no other flow works, as it requires your application code to be fully trusted and protected from credential-stealing attacks. It’s made available primarily to provide a consistent and predictable integration pattern for legacy applications that can't otherwise be updated to a more secure flow such as the Authorization Code flow. This should be your last option, not your first choice.</p> <p>To select the appropriate flow to use for your application, see <a href="/docs/concepts/oauth-openid/#choosing-an-oauth-2-0-flow">OAuth 2.0 and OpenID Connect overview</a>'s decision flowchart.</p></div></aside></div> <h2 id="grant-type-flow">Grant-type flow <a href="#grant-type-flow" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h2> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><h3 id="resource-owner-password-flow">Resource Owner Password flow <a href="#resource-owner-password-flow" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h3> <div class="full"><p><img src="/img/authorization/oauth-resource-owner-password-grant-flow.png" alt="Sequence diagram that shows the interaction between the resource owner, authorization server, and resource server for Resource Owner Password flow"></p></div> <p>At a high level, this flow has the following steps:</p> <ol><li><p>The user authenticates with your client application, providing their user credentials.</p></li> <li><p>Your app sends these credentials to the Okta authorization server with its client ID and secret in the request header.</p> <p>Before implementing this redirect request to the authorization server (Okta), you need to <a href="#set-up-your-app">set up your app</a> in Okta. See <a href="#request-for-tokens">Request for tokens</a>.</p></li> <li><p>The authorization server responds with an access token if the credentials are accurate.</p></li> <li><p>Your app uses the access token to make authorized requests to the resource server.</p></li> <li><p>The resource server validates the token before responding to the request. See <a href="#validate-access-token">Validate access token</a>.</p></li></ol></div></aside></div> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"></div></aside></div> <h2 id="set-up-your-app">Set up your app <a href="#set-up-your-app" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h2> <p>Before you can implement authorization, you need to register your app in Okta by creating an app integration from the Admin Console.</p> <ol><li>Open the <strong>Admin Console</strong> for your org.</li> <li>Choose <strong>Applications</strong> &gt; <strong>Applications</strong> to view the current app integrations.</li> <li>Click <strong>Create App Integration</strong>.</li> <li>Select <strong><div class="no-selector display-inline" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><p>OIDC - OpenID Connect</p></div></aside></div></strong> as the <strong>Sign-in method</strong>.</li></ol> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><ol start="5"><li>For <strong>Application type</strong>, select <strong>Native Application</strong>, then click <strong>Next</strong>.</li> <li>Enter an <strong>App integration name</strong>.</li> <li>Click <strong>Advanced</strong> in the <strong>Grant type</strong> section, and then select <strong>Resource Owner Password</strong>. <blockquote><p><strong>Note</strong>: If you're using Classic Engine, select <strong>Resource Owner Password</strong> in the <strong>Grant type</strong> section.</p></blockquote></li> <li>Enter the remaining details for your app integration, then click <strong>Save</strong>.</li> <li>Locate the <strong>Client Credentials</strong> section on the <strong>General</strong> tab, and then click <strong>Edit</strong>.</li> <li>For <strong>Client authentication</strong>, select <strong>Client secret</strong>, then click <strong>Save</strong>.</li></ol> <p>Save the generated <strong>Client ID</strong> and <strong>Client secret</strong> values to implement your authorization flow.</p></div></aside></div> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"></div></aside></div> <h2 id="flow-specifics">Flow specifics <a href="#flow-specifics" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h2> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><p>If implementing the Resource Owner Password flow is your only option, you need to make direct calls to the <a href="https://developer.okta.com/docs/api/openapi/okta-oauth/guides/overview/" target="_blank" rel="noopener noreferrer">OIDC &amp; OAuth 2.0 API<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a>. See the following sections for requests required in the flow.</p> <h3 id="request-for-tokens">Request for tokens <a href="#request-for-tokens" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h3> <p>Before you can begin this flow, collect the user's password in a manner of your choosing. After you collect the credentials, all that's required is a single API call to the <a href="/docs/concepts/auth-servers/">authorization server's</a> <code>/token</code> endpoint. If you're using the org authorization server, then your request would look something like this:</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">curl</span> <span class="token parameter variable">--request</span> POST <span class="token punctuation">\</span> <span class="token parameter variable">--url</span> https://<span class="token punctuation">{</span>yourOktaDomain<span class="token punctuation">}</span>/oauth2/v1/token <span class="token punctuation">\</span> <span class="token parameter variable">--header</span> <span class="token string">'accept: application/json'</span> <span class="token punctuation">\</span> <span class="token parameter variable">--header</span> <span class="token string">'authorization: Basic MG9hYn...'</span> <span class="token punctuation">\</span> <span class="token parameter variable">--header</span> <span class="token string">'content-type: application/x-www-form-urlencoded'</span> <span class="token punctuation">\</span> <span class="token parameter variable">--data</span> <span class="token string">'grant_type=password&amp;username=testuser1%40example.com&amp;password=%7CmCovrlnU9oZU4qWGrhQSM%3Dyd&amp;scope=openid'</span> </code></pre></div><blockquote><p><strong>Important:</strong> The call to your <a href="/docs/concepts/auth-servers/">authorization server's</a> <code>/token</code> endpoint requires authentication. In this case, it's a Basic Authentication digest of the client ID and secret. You can find the client ID and secret on your application's <strong>General</strong> tab. See <a href="https://developer.okta.com/docs/api/openapi/okta-oauth/guides/client-auth/#client-authentication-methods" target="_blank" rel="noopener noreferrer">Client Authentication Methods<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a>.</p></blockquote> <p>Note the parameters that are being passed:</p> <ul><li><code>grant_type</code> is <code>password</code>, indicating that you're using the Resource Owner Password grant type.</li> <li><code>username</code> is the username of a user registered with Okta.</li> <li><code>password</code> is the password of a user registered with Okta.</li> <li><code>scope</code> is at least <code>openid</code>. For custom scopes, see the <strong>Create Scopes</strong> section of the <a href="/docs/guides/customize-authz-server/main/#create-scopes">Create an authorization server guide</a>.</li></ul> <p>For more information on these parameters, see the <a href="https://developer.okta.com/docs/api/openapi/okta-oauth/oauth/tag/CustomAS/#tag/CustomAS/operation/tokenCustomAS" target="_blank" rel="noopener noreferrer">OAuth 2.0 API reference<span><svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg> <span class="sr-only">(opens new window)</span></span></a>.</p> <p>If the credentials are valid, your application receives back access and ID tokens:</p> <div class="language-json extra-class"><pre class="language-json"><code><span class="token punctuation">{</span> <span class="token property">&quot;access_token&quot;</span><span class="token operator">:</span> <span class="token string">&quot;eyJhb[...]56Rg&quot;</span><span class="token punctuation">,</span> <span class="token property">&quot;expires_in&quot;</span><span class="token operator">:</span> <span class="token number">3600</span><span class="token punctuation">,</span> <span class="token property">&quot;id_token&quot;</span><span class="token operator">:</span> <span class="token string">&quot;eyJhb[...]yosFQ&quot;</span><span class="token punctuation">,</span> <span class="token property">&quot;scope&quot;</span><span class="token operator">:</span> <span class="token string">&quot;openid&quot;</span><span class="token punctuation">,</span> <span class="token property">&quot;token_type&quot;</span><span class="token operator">:</span> <span class="token string">&quot;Bearer&quot;</span> <span class="token punctuation">}</span> </code></pre></div><h3 id="validate-access-token">Validate access token <a href="#validate-access-token" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h3> <p>When your application passes a request with an access token, the resource server needs to validate it. See <a href="/docs/guides/validate-access-tokens/">Validate access tokens</a>.</p></div></aside></div> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"></div></aside></div> <h2 id="next-steps">Next steps <a href="#next-steps" class="header-anchor header-link"><svg viewBox="0 0 512 512"><path fill="currentColor" d="M326.612 185.391c59.747 59.809 58.927 155.698.36 214.59-.11.12-.24.25-.36.37l-67.2 67.2c-59.27 59.27-155.699 59.262-214.96 0-59.27-59.26-59.27-155.7 0-214.96l37.106-37.106c9.84-9.84 26.786-3.3 27.294 10.606.648 17.722 3.826 35.527 9.69 52.721 1.986 5.822.567 12.262-3.783 16.612l-13.087 13.087c-28.026 28.026-28.905 73.66-1.155 101.96 28.024 28.579 74.086 28.749 102.325.51l67.2-67.19c28.191-28.191 28.073-73.757 0-101.83-3.701-3.694-7.429-6.564-10.341-8.569a16.037 16.037 0 01-6.947-12.606c-.396-10.567 3.348-21.456 11.698-29.806l21.054-21.055c5.521-5.521 14.182-6.199 20.584-1.731a152.482 152.482 0 0120.522 17.197zM467.547 44.449c-59.261-59.262-155.69-59.27-214.96 0l-67.2 67.2c-.12.12-.25.25-.36.37-58.566 58.892-59.387 154.781.36 214.59a152.454 152.454 0 0020.521 17.196c6.402 4.468 15.064 3.789 20.584-1.731l21.054-21.055c8.35-8.35 12.094-19.239 11.698-29.806a16.037 16.037 0 00-6.947-12.606c-2.912-2.005-6.64-4.875-10.341-8.569-28.073-28.073-28.191-73.639 0-101.83l67.2-67.19c28.239-28.239 74.3-28.069 102.325.51 27.75 28.3 26.872 73.934-1.155 101.96l-13.087 13.087c-4.35 4.35-5.769 10.79-3.783 16.612 5.864 17.194 9.042 34.999 9.69 52.721.509 13.906 17.454 20.446 27.294 10.606l37.106-37.106c59.271-59.259 59.271-155.699.001-214.959z"></path></svg></a></h2> <div class="no-selector" data-v-1c8db59a><!----> <aside class="stack-content" data-v-1c8db59a><div class="content__default"><p>Now that you have implemented authorization in your app, you can add features such as:</p> <ul><li>Brand customization (<a href="/docs/guides/custom-url-domain/">custom domain</a>, <a href="/docs/guides/custom-sms-messaging/">custom SMS messages</a>, <a href="/docs/guides/custom-url-domain/main/#about-custom-email-notification-domains">custom emails</a>, and <a href="/docs/guides/custom-error-pages/">custom error pages</a>).</li> <li><a href="/docs/guides/oie-embedded-sdk-use-case-self-reg/">Self-service enrollment</a>.</li></ul></div></aside></div></div> <!----> <div class="edit-on-github"><span class="fa fa-github"></span> <span><a id="edit-link" href="https://github.com/okta/okta-developer-docs/edit/master/packages/@okta/vuepress-site/docs/guides/implement-grant-type/main/index.md" target="_blank" rel="noopener noreferrer" data-proofer-ignore>Edit This Page On GitHub</a></span></div></div> <div class="on-this-page"><aside class="on-this-page-navigation"><div style="display:;"><div class="stack-selector no-snippet" data-v-1c8db59a><div class="selector-control" data-v-1c8db59a><span class="instructions-label" data-v-1c8db59a> Instructions for </span> <nav class="select-dropdown" data-v-1c8db59a><div dir="auto" class="v-select vs--single vs--searchable" data-v-1c8db59a> <div id="vs50__combobox" role="combobox" aria-expanded="false" aria-owns="vs50__listbox" aria-label="Search for option" class="vs__dropdown-toggle"><div class="vs__selected-options"><span class="vs__selected"><i class="icon ropassword" data-v-1c8db59a></i><span class="framework" data-v-1c8db59a>Resource Owner Password</span> <!----></span> <input aria-autocomplete="list" aria-labelledby="vs50__combobox" aria-controls="vs50__listbox" type="search" autocomplete="off" value="" class="vs__search"></div> <div class="vs__actions"><button type="button" title="Clear Selected" aria-label="Clear Selected" class="vs__clear" style="display:none;"><svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"><path d="M6.895455 5l2.842897-2.842898c.348864-.348863.348864-.914488 0-1.263636L9.106534.261648c-.348864-.348864-.914489-.348864-1.263636 0L5 3.104545 2.157102.261648c-.348863-.348864-.914488-.348864-1.263636 0L.261648.893466c-.348864.348864-.348864.914489 0 1.263636L3.104545 5 .261648 7.842898c-.348864.348863-.348864.914488 0 1.263636l.631818.631818c.348864.348864.914773.348864 1.263636 0L5 6.895455l2.842898 2.842897c.348863.348864.914772.348864 1.263636 0l.631818-.631818c.348864-.348864.348864-.914489 0-1.263636L6.895455 5z"></path></svg></button> <svg xmlns="http://www.w3.org/2000/svg" width="14" height="10" role="presentation" class="vs__open-indicator"><path d="M9.211364 7.59931l4.48338-4.867229c.407008-.441854.407008-1.158247 0-1.60046l-.73712-.80023c-.407008-.441854-1.066904-.441854-1.474243 0L7 5.198617 2.51662.33139c-.407008-.441853-1.066904-.441853-1.474243 0l-.737121.80023c-.407008.441854-.407008 1.158248 0 1.600461l4.48338 4.867228L7 10l2.211364-2.40069z"></path></svg> <div class="vs__spinner" style="display:none;">Loading...</div></div></div> <ul id="vs50__listbox" role="listbox" style="display:none;visibility:hidden;"></ul> </div></nav></div> <!----></div> <div style="display:;"><div class="title"> On this page </div> <ul class="links"><li><a href="/docs/guides/implement-grant-type/ropassword/main/#grant-type-flow" class="on-this-page-link"><span>Grant-type flow</span></a> <ul id="submenu_grant-type-flow" style="display:none;"></ul></li><li><a href="/docs/guides/implement-grant-type/ropassword/main/#set-up-your-app" class="on-this-page-link"><span>Set up your app</span></a> <ul id="submenu_set-up-your-app" style="display:none;"></ul></li><li><a href="/docs/guides/implement-grant-type/ropassword/main/#flow-specifics" class="on-this-page-link"><span>Flow specifics</span></a> <ul id="submenu_flow-specifics" style="display:none;"></ul></li><li><a href="/docs/guides/implement-grant-type/ropassword/main/#next-steps" class="on-this-page-link"><span>Next steps</span></a> <ul id="submenu_next-steps" style="display:none;"></ul></li></ul></div></div></aside></div></div></div></div> <footer class="app-footer"><div class="app-footer__wrapper wrapper"><h2 class="visually-hidden"> Additional links </h2> <div class="footer--columns"><div class="footer--column need-support"><a href="/" class="footer-logotype"><img src="/img/logotype.svg" width="180" height="28" alt="Okta developer logotype" class="column--header"></a> <p class="footer-text"> Questions? Ask us on the <a href="https://devforum.okta.com/" target="_self" class="link"> forum. </a></p> <ul class="footer-social-networks link-list"><li class="link-list--item"><a href="https://github.com/oktadev" target="_self" class="link link-list--link"><i class="link-list--icon"><svg width="19" height="18" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M17.214 4.595a9.185 9.185 0 00-3.358-3.358C12.443.412 10.9 0 9.226 0 7.552 0 6.008.412 4.595 1.237a9.184 9.184 0 00-3.358 3.358C.412 6.008 0 7.552 0 9.225c0 2.01.587 3.818 1.76 5.424 1.173 1.606 2.689 2.717 4.546 3.333.217.04.377.012.48-.084a.47.47 0 00.157-.36l-.006-.649c-.004-.408-.006-.764-.006-1.069l-.276.048a3.52 3.52 0 01-.667.042 5.092 5.092 0 01-.835-.084 1.866 1.866 0 01-.805-.36 1.524 1.524 0 01-.528-.739l-.12-.276a3.003 3.003 0 00-.379-.613c-.172-.224-.346-.376-.522-.456l-.084-.06a.882.882 0 01-.156-.144.66.66 0 01-.108-.169c-.025-.056-.005-.102.06-.138.064-.036.18-.054.348-.054l.24.036c.16.032.358.128.595.289.236.16.43.368.582.624.185.328.407.579.667.75.26.173.522.26.787.26.264 0 .492-.021.684-.06.192-.04.373-.101.541-.181.072-.537.268-.95.588-1.238a8.224 8.224 0 01-1.23-.216 4.896 4.896 0 01-1.13-.468 3.233 3.233 0 01-.967-.805c-.256-.32-.466-.741-.63-1.261-.165-.521-.247-1.122-.247-1.802 0-.97.317-1.794.95-2.475-.297-.729-.269-1.545.083-2.45.233-.073.577-.018 1.033.162.457.18.791.334 1.004.462.212.128.382.237.51.325a8.53 8.53 0 012.307-.313 8.53 8.53 0 012.306.313l.457-.289c.312-.192.68-.368 1.104-.528.425-.16.75-.204.974-.132.36.905.392 1.721.096 2.45.632.68.949 1.506.949 2.475 0 .68-.082 1.283-.246 1.808-.164.524-.377.944-.637 1.26a3.36 3.36 0 01-.973.8 4.916 4.916 0 01-1.13.468 8.208 8.208 0 01-1.23.217c.416.36.624.929.624 1.705v2.535c0 .144.05.264.15.36.1.096.258.124.475.084 1.858-.617 3.373-1.728 4.547-3.333 1.173-1.606 1.76-3.414 1.76-5.424-.001-1.673-.414-3.217-1.238-4.63z"/></svg></i> <span class="link-list--text"></span></a></li><li class="link-list--item"><a href="https://twitter.com/OktaDev" target="_self" class="link link-list--link"><i class="link-list--icon"><svg width="19" height="16" viewBox="0 0 19 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M18.6702 2.27734C17.9905 2.57812 17.2639 2.78125 16.4983 2.875C17.2796 2.40625 17.8811 1.66406 18.1624 0.78125C17.4319 1.21484 16.6233 1.53125 15.76 1.69922C15.0686 0.960937 14.0843 0.5 12.9983 0.5C10.9085 0.5 9.21707 2.19531 9.21707 4.28516C9.21707 4.58203 9.24832 4.87109 9.31473 5.14844C6.1702 4.99219 3.38113 3.48438 1.51785 1.19141C1.19363 1.75 1.00613 2.40234 1.00613 3.09375C1.00613 4.40625 1.67801 5.56641 2.69363 6.24609C2.06863 6.23047 1.4827 6.05859 0.974884 5.77344V5.82031C0.974884 7.65625 2.27957 9.18359 4.01004 9.53125C3.69363 9.61719 3.3577 9.66406 3.01395 9.66406C2.77176 9.66406 2.53348 9.64062 2.30301 9.59375C2.78348 11.0977 4.18192 12.1914 5.83817 12.2227C4.5452 13.2383 2.91238 13.8438 1.13895 13.8438C0.834259 13.8438 0.533478 13.8242 0.236603 13.7891C1.90457 14.875 3.89285 15.5 6.02567 15.5C12.9905 15.5 16.7952 9.73047 16.7952 4.72656C16.7952 4.5625 16.7913 4.39844 16.7835 4.23828C17.5218 3.70312 18.1624 3.03906 18.6702 2.27734Z" fill="#FFFEFA"/></svg></i> <span class="link-list--text"></span></a></li><li class="link-list--item"><a href="https://www.youtube.com/c/oktadev" target="_self" class="link link-list--link"><i class="link-list--icon"><svg width="21" height="20" viewBox="0 0 21 20" fill="none" xmlns="http://www.w3.org/2000/svg"><g clip-path="url(#clip0_2189_11938)"><path fill-rule="evenodd" clip-rule="evenodd" d="M19.3916 4.06438C19.7034 4.37475 19.9281 4.7617 20.0431 5.18637C20.4514 6.74547 20.4596 10.0003 20.4596 10.0003C20.4596 10.0003 20.4596 13.2552 20.0431 14.8143C19.9271 15.2377 19.702 15.6233 19.3902 15.9325C19.0785 16.2416 18.691 16.4635 18.2666 16.5759C16.7075 16.9941 10.4514 16.9941 10.4514 16.9941C10.4514 16.9941 4.19683 16.9941 2.63772 16.5825C2.21389 16.4685 1.82745 16.2452 1.51712 15.9349C1.20679 15.6246 0.983464 15.2381 0.869531 14.8143C0.451355 13.2552 0.451355 10.0003 0.451355 10.0003C0.451355 10.0003 0.451355 6.74547 0.869531 5.18637C0.983464 4.76254 1.20679 4.3761 1.51712 4.06576C1.82745 3.75543 2.21389 3.53211 2.63772 3.41818C4.19518 3 10.4514 3 10.4514 3C10.4514 3 16.7059 3 18.2666 3.41818C18.6918 3.53115 19.0798 3.75401 19.3916 4.06438ZM13.6484 10.0003L8.45087 7.00061V13L13.6484 10.0003Z" fill="#FFFEFA"/></g><defs><clipPath id="clip0_2189_11938"><rect width="20" height="20" fill="white" transform="translate(0.451355)"/></clipPath></defs></svg></i> <span class="link-list--text"></span></a></li><li class="link-list--item"><a href="https://developer.okta.com/feed.xml" target="_self" class="link link-list--link"><i class="link-list--icon"><svg xmlns="http://www.w3.org/2000/svg" width="19" height="18" fill="none"><circle cx="9.451" cy="9" r="9" fill="#FFFEFA"/><path fill="#191919" d="M15.415 9.809c-.811-3.268-3.971-5.984-7.452-6.406-.736-.088-1.41.412-1.5 1.114-.094.702.426 1.348 1.163 1.438 2.371.285 4.622 2.22 5.176 4.45.063.255.205.482.408.658.328.282.78.392 1.209.295.72-.164 1.166-.859.996-1.55Z"/><path fill="#191919" d="M11.42 10.924c-.395-1.76-2.009-3.295-3.701-3.522-.616-.083-1.18.381-1.259 1.034-.077.651.364 1.247.976 1.333.771.103 1.615.904 1.795 1.707.053.237.171.449.342.61.275.262.654.365 1.013.274.604-.152.978-.796.835-1.436ZM8.03 12.817a1.33 1.33 0 1 0-1.98-1.777 1.33 1.33 0 0 0 1.98 1.777Z"/></svg></i> <span class="link-list--text"></span></a></li></ul></div> <div class="footer--column contact"><h3 class="column--header"> Contact &amp; Legal </h3> <ul class="link-list"><li class="link-list--item"><a href="https://www.okta.com/contact/" target="_self" class="link link-list--link"><span class="link-list--text">Contact our team</span></a></li><li class="link-list--item"><a href="https://www.okta.com/contact-sales/" target="_self" class="link link-list--link"><span class="link-list--text">Contact sales</span></a></li><li class="link-list--item"><a href="/terms/" class="link link-list--link"><span class="link-list--text">Developer Service terms</span></a></li><li class="link-list--item"><a href="https://www.okta.com/terms-of-service/" target="_blank" rel="noopener noreferrer" class="link link-list--link"><span class="link-list--text">Site terms</span></a></li><li class="link-list--item"><a href="https://www.okta.com/privacy-policy/" target="_self" class="link link-list--link"><span class="link-list--text">Privacy policy</span></a></li><li class="link-list--item"><a href="/copyright/" class="link link-list--link"><span class="link-list--text">Copyright &amp; trademarks</span></a></li></ul></div> <div class="footer--column more"><h3 class="column--header"> More information </h3> <ul class="link-list"><li class="link-list--item"><a href="/okta-integration-network/" class="link link-list--link"><span class="link-list--text">Integrate with Okta</span></a></li><li class="link-list--item"><a href="https://www.okta.com/pricing/#workforce-identity-pricing" target="_blank" rel="noopener noreferrer" class="link link-list--link"><span class="link-list--text">Pricing</span></a></li><li class="link-list--item"><a href="/3rd_party_notices/" class="link link-list--link"><span class="link-list--text">3rd-party notes</span></a></li><li class="link-list--item"><a href="https://developer.auth0.com/" target="_blank" rel="noopener noreferrer" class="link link-list--link"><span class="link-list--text">Customer Identity Cloud</span></a></li><li class="link-list--item"><a href="/archive/" class="link link-list--link"><span class="link-list--text">Archive</span></a></li></ul></div> <div class="footer--column websites"><div class="website"><a href="https://www.okta.com/" target="_blank" rel="noopener noreferrer" class="link link--small link--bold link--uppercase link--spacing-large link--with-chevron-right link--heading"><span>OKTA.COM</span></a> <span class="description">Products, case studies, resources</span></div><div class="website"><a href="https://support.okta.com/help/s/" target="_blank" rel="noopener noreferrer" class="link link--small link--bold link--uppercase link--spacing-large link--with-chevron-right link--heading"><span>HELP CENTER</span></a> <span class="description">Knowledgebase, roadmaps, and more</span></div><div class="website"><a href="https://trust.okta.com/" target="_blank" rel="noopener noreferrer" class="link link--small link--bold link--uppercase link--spacing-large link--with-chevron-right link--heading"><span>TRUST</span></a> <span class="description">System status, security, compliance</span></div></div> <div class="copyright"><span>Copyright © 2024 Okta. All rights reserved.</span></div></div></div></footer> <div id="feedback-tab"><a id="feedback-link" href="#" title="Submit feedback"><div id="feedback-container"><p id="feedback-text">Feedback</p></div></a></div></div><div class="global-ui"></div></div> <script src="/assets/js/app.8d18bbef.js" defer></script><script src="/assets/js/185.c681fd7f.js" defer></script><script src="/assets/js/187.158c23d4.js" defer></script><script src="/assets/js/65.d1132cc4.js" defer></script><script src="/assets/js/225.45dd681b.js" defer></script><script src="/assets/js/188.7802dab9.js" defer></script><script src="/assets/js/219.321ff151.js" defer></script><script src="/assets/js/80.6ed389a3.js" defer></script><script src="/assets/js/204.a717d129.js" defer></script><script src="/assets/js/206.c32c8d9a.js" defer></script><script src="/assets/js/216.08cb65a0.js" defer></script><script src="/assets/js/81.b90fa567.js" defer></script><script src="/assets/js/210.8b5a03b4.js" defer></script><script src="/assets/js/195.76e2f625.js" defer></script><script src="/assets/js/220.2c485c69.js" defer></script><script src="/assets/js/202.5c8678e1.js" defer></script><script src="/assets/js/5.4dbcc072.js" defer></script><script src="/assets/js/259.04c1dca9.js" defer></script><script src="/assets/js/906.d0acd127.js" defer></script><script src="/assets/js/235.7785cb7b.js" defer></script><script src="/assets/js/905.7d8ca548.js" defer></script><script src="/assets/js/907.1b86b839.js" defer></script><script src="/assets/js/901.fcbf9921.js" defer></script><script src="/assets/js/899.7a87feba.js" defer></script><script src="/assets/js/909.f6564977.js" defer></script><script src="/assets/js/908.c17200f3.js" defer></script><script src="/assets/js/903.fef5ff34.js" defer></script><script src="/assets/js/910.310e7ccb.js" defer></script><script src="/assets/js/900.212667ac.js" defer></script><script src="/assets/js/904.632f45ea.js" defer></script><script src="/assets/js/205.2b78ea63.js" defer></script><script src="/assets/js/191.c4d08a47.js" defer></script><script src="/assets/js/64.2aa9ad79.js" defer></script><script src="/assets/js/215.a532e816.js" defer></script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10