What is the purpose of grant_type parameter in OAuth 2 Authentication

Hariharan · Jul 12, 2017 · Viewed 13.3k times

I am using OAuth 2 authentication in the Lumen microframework. Right now I am using the grant_type value password. It throws unsupported_grant_type if I use something different. I want to know the purpose of using grant_type password.

Answer

Ján Halaša · Jul 12, 2017

The grant_type URL parameter is required by the OAuth2 RFC for the /token endpoint, which exchanges a grant for real tokens, so the OAuth2 server knows what you are sending to it. You are using the Resource Owner Password Credentials Grant, so you must specify it with the value password.

From the OAuth2 RFC:

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token.

The grant_type=password means that you are sending a username and a password to the /token endpoint. If you used the Authorization Code Grant flow, you could use the value authorization_code, but then you don't send the username+password pair; you send a code received from the OAuth2 server after user authentication. The code is an arbitrary string - not human readable. It's nicely shown in the workflow diagrams in the RFC.
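To make the dispatch concrete, here is an added example (not from the question or answer, and not Lumen's code) of a minimal /token handler that branches on grant_type and returns the RFC 6749 section 5.2 error codes; the user table, the authorization code and the function names are constructed for the demo.

```python
# Added example: a minimal RFC 6749-style /token handler keyed on grant_type.
import hmac
import secrets
from urllib.parse import parse_qs

# Constructed demo data, not real credentials.
USERS = {"alice": "correct horse"}
# code -> the redirect_uri it was issued for (codes are opaque strings)
CODES = {"SplxlOBeZQQYbYS6WxSbIA": "https://app.example/cb"}


def error(code: str) -> dict:
    return {"error": code}


def issue_token() -> dict:
    # A real server would persist or sign the token; here it is just random.
    return {"access_token": secrets.token_urlsafe(32),
            "token_type": "Bearer", "expires_in": 3600}


def handle_token_request(body: str) -> dict:
    # Body is application/x-www-form-urlencoded; a parameter must not repeat.
    raw = parse_qs(body)
    if any(len(v) != 1 for v in raw.values()):
        return error("invalid_request")
    params = {k: v[0] for k, v in raw.items()}
    grant_type = params.get("grant_type")
    if grant_type is None:
        return error("invalid_request")
    if grant_type == "password":
        # Resource Owner Password Credentials Grant: username + password.
        user, pw = params.get("username"), params.get("password")
        if user is None or pw is None:
            return error("invalid_request")
        if not hmac.compare_digest(USERS.get(user, ""), pw):
            return error("invalid_grant")
        return issue_token()
    if grant_type == "authorization_code":
        # Authorization Code Grant: the code the server issued after login,
        # which must be single-use and tied to the original redirect_uri.
        code = params.get("code")
        if code is None:
            return error("invalid_request")
        if CODES.get(code) != params.get("redirect_uri"):
            return error("invalid_grant")
        del CODES[code]
        return issue_token()
    # Any other value (client_credentials, refresh_token, a typo) is the
    # situation in the question: the server does not implement that grant.
    return error("unsupported_grant_type")
```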