IOAuthAuthorizationServerProvider.GrantResourceOwnerCredentials Method (OAuthGrantResourceOwnerCredentialsContext)

  • Article

 

Called when a request to the Token endpoint arrives with a "grant_type" of "password". This occurs when the user has provided name and password credentials directly into the client application's user interface, and the client application is using those to acquire an "access_token" and optional "refresh_token". If the web application supports the resource owner credentials grant type it must validate the context.Username and context.Password as appropriate. To issue an access token the context.Validated must be called with a new ticket containing the claims about the resource owner which should be associated with the access token. The application should take appropriate measures to ensure that the endpoint isn’t abused by malicious callers. . The default behavior is to reject this grant type. See also http://tools.ietf.org/html/rfc6749\#section-4.3.2

Namespace:   Microsoft.Owin.Security.OAuth
Assembly:  Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)

Syntax

Task GrantResourceOwnerCredentials(
    OAuthGrantResourceOwnerCredentialsContext context
)

Task^ GrantResourceOwnerCredentials(
    OAuthGrantResourceOwnerCredentialsContext^ context
)

abstract GrantResourceOwnerCredentials : 
        context:OAuthGrantResourceOwnerCredentialsContext -> Task

Function GrantResourceOwnerCredentials (
    context As OAuthGrantResourceOwnerCredentialsContext
) As Task

Parameters

Return Value

Type: System.Threading.Tasks.Task

Task to enable asynchronous execution

See Also

IOAuthAuthorizationServerProvider Interface
Microsoft.Owin.Security.OAuth Namespace

Return to top