Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What are the main difference between Personal access client and Password client in laravel passport?

I am new to oAuth2 and laravel-passport, i don't fully understand the difference between getting access token using personal access client and password client. Your explanation would be highly appreciated. Thank you

enter image description here

like image 597
Pen Lymeng Avatar asked Jan 20 '19 09:01

Pen Lymeng


1 Answers

First, Having a basic understanding of OAuth can wipe a little bit confusion. So, I'll suggest you to become familiar with general terminology. Some articles:

  • http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/
  • https://alexbilbie.com/guide-to-oauth-2-grants/

Now lets get back to your question!

  • Personal Access Clients who has personal access tokens are authorized to access your Resource Server. Personal access tokens are good for giving third party applications access to your API without requiring your user to input their credentials in a potentially untrusted client.

  • On the other hand, Password Grant Clients are your clients and you'd use password grant for them, where it is safe for the users to provide their credentials manually. password grant tokens generate while users provide valid credentials. Its generally used for first party clients and should not be used by third party clients.

like image 90
S M Iftakhairul Avatar answered Sep 29 '22 12:09

S M Iftakhairul