(While "Code Grant" is the preferred authentication method, as it provides a higher level of security,  "Password Grant" is also available)

With the resource owner password credentials grant type, the user provides their service credentials (username and password) directly to the application, which uses the credentials to obtain an access token from the service. This grant type should only be enabled on the authorization server if other flows are not viable. Also, it should only be used if the application is trusted by the user (e.g. it is owned by the service or the user's desktop OS.

Password Grant Flow

Send a POST request to to  <OAUTH2_SERVER_URL >/token?params…

When you add the received <CODE> server response with a JSON object with your access_token.

Example C# code:
var client = new RestClient(Config.OAUTH2_SERVER_URL);
var request = new RestRequest("token", Method.POST);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");

request.AddQueryParameter("grant_type", "password");
request.AddQueryParameter("username", Config.USER);
request.AddQueryParameter("password", Config.PASSWORD);
request.AddQueryParameter("client_id", Config.CLIENT_ID);
request.AddQueryParameter("client_secret", Config.CLIENT_SECRET);

Example Json Response:
{"access_token": "a49765jhfhgs.....", "refresh_token": "8768ehg3uyu34r....", "expires_in":1516714140406}

Step 2: Request Data from GAPI

Send a GET / POST request to to  <RESOURCE_SERVER_URL>/gapi/v1/path….

Depending on called POST method you sometimes need to add:
to the Header.

Add the received < access_token > in the Request Header.

You are now authenticated against GAPI with roles defined in TMS.

Example C# code:
var client = new RestClient(Config.RESOURCE_SERVER_URL);
var request = new RestRequest(Config.RESOURCE_SERVER_PATH, Method.GET);

request.AddHeader("Authorization", "Bearer " + < access_token >);
request.AddHeader("Content-Type", "application/json");

  • No labels