Open Closed

Token Generation: Moving the user details to Authorization #7072

User avatar
0
Karthigeyan created

Hi Team,

Currently for the Token generation (IdentityServer), we are passing the information like "client_id, client_secrets, username, password" via body of "urlencoded" format (as per the ABP framework). May I know, is there any way we can pass these details via "Authorization" and also would like to know can we achieve the same by only passing the "Username" and "Password" via "Authorization" instead of sending client_id and cilent_secret

Thanks, Karthigeyan R

Go to accepted answer
1 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    This is designed by OAuth2, You can't do that.

    See https://datatracker.ietf.org/doc/html/rfc6749#section-4.3.2 https://www.oauth.com/oauth2-servers/access-tokens/password-grant/

Assignee
User avatar maliming
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
Do you need assistance from an ABP expert?
Schedule a Meeting
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v9.2.0-preview. Updated on March 20, 2025, 18:00