Why OAuth Password Grant Type is not supported for service to service interaction?
In order to use Catalog and Compliance APIs need implement OAuth Code Crant Flow with User Authorization. We need invoke a new Api from internal service which provides automatic product updates. This flow is not suitable for 'service to service' interaction. Why OAuth Password Grant Type is not supported?
In general, you need a User access token (minted with a Authorization Code Grant request) to make requests to methods that access confidential resources, such as user information. The Compliance API returns data pertaining to specific users, hence the need for a User access token for the methods in the Compliance API. Likewise, most methods in the Catalog API require User access tokens. However, the methods in the **product_metadata** resource (such as **getProductMetadataForCategories**) can be called with a Application access token.
Thank you for the response. OAuth Authorization Code Grant implies the redirecting mechanism with manual user login which is not suitable for 'service to service' interaction. The [Password Grant flow] returns user access token and can be used for trusted applications. Are you going to support Password Grant Flow? :