Does resource owner password Flow works with ADFS

varun2chadha · December 26, 2018, 6:40am

Hi,

I am planning to set-up a native app in OKTA with grant type as Resource Owner Password. My goal is to create an API which returns the access token. I am using below curl request:

curl
–request POST
–url https://<>.oktapreview.com/oauth2/ausikiy37irRh45HS0i7/v1/token
–header ‘accept: application/json’
–header ‘content-type: application/x-www-form-urlencoded’
–header ‘Authorization: Basic MG9haWsycTF2OHhGbTBnaU4waDc6SGNGaXlSZXpXZXJXcFVzWE1aTFp6YzAwWFUxeDZoU3NoS0Z5b3ZyZg==’
–data ‘grant_type=password&username=<>password=<>&scope=custom_scope’

Users are created through ADFS, so would this approach of getting access token work for my case?

Thanks,
Varun

bretterer · December 27, 2018, 3:49pm

First, you will want to change your keys as the Authorization you listed is a simple base64 encoded string that can be decoded to get the id and secret to access your application.

in theory, yes, it should work. Have you tried this route. are you experiencing any issues here?

varun2chadha · December 28, 2018, 7:12am

I have not yet tried it, but i saw below link where in it is mentioned that resource owner password flow got failed for ADFS users, so just want to confirm if i should even think about designing solution in this way:

Resource Owner Password Flow Native App Failure

Post		Replies	Views
Resource Owner Password Flow Native App Failure OAuth/OIDC	5	7147	April 23, 2018
Okta resource owner password flow OAuth/OIDC	3	2915	February 14, 2024
Query regarding Resource Owner Password Flow Support in Native Applications Questions	2	3413	April 13, 2020
Okta API- Resource owner password flow /token API nodejs	10	11483	April 14, 2023
The authorization grant type is not supported by the authorization server OAuth/OIDC api	4	14959	January 19, 2024

Does resource owner password Flow works with ADFS

Related topics