The Resource Owner Password Flow is intended for use cases where you control both the client application and the resource that it is interacting with. At a high-level, this flow has the following steps:

  • Your client application collects a user's credentials.
  • Your application sends these credentials to your Okta authorization server.
  • If the credentials are accurate, Okta responds with the requested tokens.

For more information on the resource owner password flow, including why to use it, see our OAuth 2.0 overview.


Featured Guides