Does OpenID Connect support the Resource Owner Password Credentials grant?

Kramer00 picture Kramer00 · Jun 4, 2014 · Viewed 12.9k times · Source

I have been using OAuth resource owner credential flow previously for authorization.

However I would now like to consider using openid connect in pace of this, for authentication and authorization, and was wondering if the resource owner credential flow is supported in openid connect.

Answer

Owen Cao picture Owen Cao · Jun 5, 2014

Yes, OpenID Connect supports all OAuth 2.0 grant types including Resource Owner Password Credentials Grant and Client Credentials Grant.

As we know, Authorization Code Grant and Implicit Grant are typical 3-legged flows including interaction between a client, an authorization server and a user. While the Resource Owner Password Credential Grant and Client Credential Grant are 2-legged which means the client uses pre-authorized scopes so that no interaction with the user is necessary, removing the need to perform one of the legs in the typical flow.

Here is a reference: Configuring an OpenID Connect Provider to enable 2-legged OAuth requests