question

ao avatar image
0 Likes"
ao asked

Why OAuth Password Grant Type is not supported for service to service interaction?

In order to use Catalog and Compliance APIs need implement OAuth Code Crant Flow with User Authorization. We need invoke a new Api from internal service which provides automatic product updates. This flow is not suitable for 'service to service' interaction. Why OAuth Password Grant Type is not supported?
oauth
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

krich_developersupport avatar image
0 Likes"
krich_developersupport answered
In general, you need a User access token (minted with a Authorization Code Grant request) to make requests to methods that access confidential resources, such as user information. The Compliance API returns data pertaining to specific users, hence the need for a User access token for the methods in the Compliance API. Likewise, most methods in the Catalog API require User access tokens. However, the methods in the **product_metadata** resource (such as **getProductMetadataForCategories**) can be called with a Application access token.
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ao avatar image
0 Likes"
ao answered
Thank you for the response. OAuth Authorization Code Grant implies the redirecting mechanism with manual user login which is not suitable for 'service to service' interaction. The [Password Grant flow][1] returns user access token and can be used for trusted applications. Are you going to support Password Grant Flow? [1]: https://www.oauth.com/oauth2-servers/access-tokens/password-grant/
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.