Menu
I'm using django-oauth2-provider with rest-framework to provide authentication in my API. My mobile app is going to connect to my REST API to retrieve some data. No third party apps are going to get involved in the process.
According to this, the grant type required for this use case would be the password grant. Since it's a bad idea to store the secret in the device, I need to access the token without it.
I tried to send a request without the secret:
curl -X POST -d "client_id=MY_CLIENT_ID&grant_type=password&username=user&password=pass" http://localhost:8000/oauth2/access_token/
But the response I get is:
{"error": "invalid_client"}
My question is whether it is possible to do this with django-oauth2-provider, and how to do it.
457
Authorization Grant Type as Resource owner password-basedWSGIPassAuthorization On at same place as WSGIScriptAlias
176
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
