0
Karthigeyan created
Hi Team,
Currently for the Token generation (IdentityServer), we are passing the information like "client_id, client_secrets, username, password" via body of "urlencoded" format (as per the ABP framework). May I know, is there any way we can pass these details via "Authorization" and also would like to know can we achieve the same by only passing the "Username" and "Password" via "Authorization" instead of sending client_id and cilent_secret
Thanks, Karthigeyan R
1 Answer(s)
-
0
hi
This is designed by OAuth2, You can't do that.
See https://datatracker.ietf.org/doc/html/rfc6749#section-4.3.2 https://www.oauth.com/oauth2-servers/access-tokens/password-grant/
