Token Endpoint Options

Token Grants

Axioms support following OAuth2 token grants.

Grant TypeSupportedEnabled by defaultDescription
Authorization CodeYesYesUsed by clients to exchange an authorization code for id_token, access_token, optionally refresh_token on behalf of user. Typically used by standard web, mobile and single-page applications
Client CredentialYesYesUsed by clients to obtain access_token, optionally refresh_token outside of the context of a user. Typically used by service account and IoT applications to access data about themselves.
Refresh TokenYesYesUsed to exchange a refresh_token for an access_token when the access token has expired.
Username PasswordYesNoUsed by a highly-trusted client to obtain access_token, optionally refresh_token on behalf of user. For security reasons, this grant type is not recommended.
Device CodeYesYesUsed by clients with limited or constrained browsing or user interaction capabilities to obtain access_token, optionally refresh_token on behalf of user. Typically used by IoT devices such Smart TV, Refrigerators, command-line interface (CLI) applications.

Authorization Endpoint Options

Navigate to Tenant and then find Token Endpoint Options panel under Tenant Settings tab. You can enable or disable one or more grant types and click Update Details.

Manage Token Endpoint Options
Manage Token Endpoint Options