Support for Basic HTTP Auth in OAuth 2.0

asked 2019-03-25 10:01:45 -0500

hxue gravatar image

updated 2019-03-26 11:26:58 -0500

It works when i use postman to get access token.

The grant type I am using is 'Resource Owner Password Credentials Grant' and I find that there are 2 kinds of authentication for client in Postman:

  1. Send as Basic Auth Header: If I choose this option that means the clientid:secret base64 encoded goes in the http Authorization header.. no need to put it in the body.. no purpose for it.. no need for it.. extra data in the payload for nothing in return..

  2. Send client credentials in body: If I choose this option that means the clientid and secret go in the body not the header

The 1st one works for my application, but I can not find any option like that in HTTP Client.

here are the screen shot of configuration: image description image description image description image description image description

edit retag flag offensive close merge delete