OAuth 2.0 Password Grant

RFC 6749 ยง1.3.3

The Password grant type is used by first-party clients to exchange a user's credentials for an access token.

Since this involves the client asking the user for their password, it should not be used by third party clients. In this flow, the user's username and password are exchanged directly for an access token.

More resources