(Preferred authentication method is While "Code Grant" . is the preferred authentication method, as it provides a higher level of security, "Password Grant" is a fallback methodalso available)
With the resource owner password credentials grant type, the user provides their service credentials (username and password) directly to the application, which uses the credentials to obtain an access token from the service. This grant type should only be enabled on the authorization server if other flows are not viable. Also, it should only be used if the application is trusted by the user (e.g. it is owned by the service , or the user's desktop OS.
...
When you add the received <CODE> server response with a json JSON object with your access_token.
...