diff options
author | Jonathan Huot <jonathan.huot@gmail.com> | 2019-10-25 11:10:27 +0200 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@gmail.com> | 2019-10-25 11:10:27 +0200 |
commit | 842f5da2702ad76bb043c48ad5726da754277828 (patch) | |
tree | 95d37434f1394bbd541b973eb543ea958400737d | |
parent | 3a4459bdd83744a3cd3a698997a6a4b483b0c6e0 (diff) | |
download | oauthlib-842f5da2702ad76bb043c48ad5726da754277828.tar.gz |
Added clarity about ROPC & usage from RFC
-rw-r--r-- | docs/oauth2/grants/grants.rst | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/docs/oauth2/grants/grants.rst b/docs/oauth2/grants/grants.rst index d2d9dcc..e183761 100644 --- a/docs/oauth2/grants/grants.rst +++ b/docs/oauth2/grants/grants.rst @@ -21,8 +21,10 @@ serves less secure applications such as Mobile Applications or Single-Page Applications, the :doc:`Client Credentials grant </oauth2/grants/credentials>` is excellent for embedded services and backend applications. We have also the :doc:`Resource Owner Password -Credentials grant </oauth2/grants/password>` for legacy applications -to incrementally transition to OAuth 2. +Credentials grant </oauth2/grants/password>` when there is a high +degree of trust between the resource owner and the client, and when +other authorization grant types are not available. This is also often +used for legacy applications to incrementally transition to OAuth 2. The main purpose of the grant types is to authorize access to protected resources in various ways with different security credentials. |