How to Use OAuth2 for the Password Credentials Grant Type
OAuth2 authentication can be implemented in various ways, depending on the collection structure and specific requirements. You can configure OAuth2 at either the collection level or request level.
OAuth2 Configuration
Select OAuth 2.0 as the authentication method and set the grant type to Password Credentials. Fill in the following required fields:
- Access Token URL: The endpoint to obtain the access token
- Username: The resource owner's username
- Password: The resource owner's password
- Client ID: Your application's client identifier
- Client Secret: Your application's client secret
- Scope: (Optional) The requested scope
- Add Credentials to: Choose how to send credentials (Request Body or Basic Auth Header)
Token Configuration and Usage
Before getting the access token, configure how you want to use it in your requests:
- Token Usage Configuration:
- Add token to: Specify how the token should be included in requests:
- Headers: Adds the token to request headers with a configurable prefix (default:
"Bearer"). - URL: Adds the token as a URL query parameter with a configurable parameter name (default:
"access_token").
- Headers: Adds the token to request headers with a configurable prefix (default:
- Add token to: Specify how the token should be included in requests:
Note: You may optionally assign a Token ID to your token. If you do, you can reference this token in requests using the format
{{$oauth2.tokenId.access_token}}(replacetokenIdwith your Token ID).If you use the same Token ID in multiple OAuth requests, Bruno will overwrite the existing token data. Make sure to use unique Token IDs for different OAuth configurations.
- Click Get Access Token to obtain and store the token.
Note: You can click the 'Clear Cache' button to remove the stored token and request a new one.