Authorization Grant Type - "Password Credentials" got deprecated.

Could you please help me out with an alternative way to generate user access token with client id, client secret, username and password for spring boot application (No open id connect).

Update: I wanted to authenticate API users from different/multiple frontend applications using respective client details along with appropriate user credentials using spring boot latest version i.e., v 3.2.0

PFA OAuth flow i am aware and needed to implement. OAuth Authentication Flow

1

There are 1 answers

0
ch4mp On

To authenticate users, you should use authorization_code flow.

You won't collect user credentials in your code (frontend or client), only the authorization server will (in its own forms with its own internal client).