cancel
Showing results for 
Search instead for 
Did you mean: 

Can we send UserName and Password in Body for Oauth Access token?

former_member638588
Participant
0 Kudos
368

Hi Experts,

I have followed the article to setup web service in my project https://help.hybris.com/6.0.0/hcd/627c92db29ce4fce8b01ffbe478a8b3b.html#loio4079b4327ac243b6b3bd507c...)

My concern is we send the "username" and "password" in the request parameter. Is it not security issue. Is it possible to send the username and password in body. I tried it did not work , Can anybody help??

Below is the request I have

https://localhost:9002/authorizationserver/oauth/token?client_id=XXX_client&client_secret=XXXX&grant...

Regards, Yashwanth

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member747843
Active Participant
0 Kudos

Hi
You should be able to send it as Post Body but you need to set Content-Type: application/x-www-form-urlencoded