TokenFormData

This is the identifier of the OAuth 2.0 client that was registered in VMware Identity Manager.

client_secret

The list of scopes of the authorization request separated by a space and is URL encoded. The scopes must be equivalent or a subset of the scopes defined in the OAuth2.0 client.

Specifies the callback endpoint in your application that will receive the authorization code. It must match the redirect_uri defined in your OAuth2.0 client registration in VMware Identity Manager. When sending the redirect_uri as a URL parameter it has to be URL encoded.

Specifies the user's domain. If this parameter is specified, the login screen will skip the domain selection page. This can be used when it is known that a single domain is used or the domain information can be inferred automatically (from the username for example). This is a VMware Identity Manager optional parameter and is not in the OAuth 2.0 specification.

The username, UTF-8 encoded. Required only when grant_type is 'password'

The password, UTF-8 encoded. Required only when grant_type is 'password'

Specifies the OAuth grant type the client is making. VMware Identity Manager supports the following grant types from the OAuth specifications: authorization_code, password, client_credentials, and refresh_token. VMware Identity Manager also supports the grant type urn:ietf:params:oauth:grant-type:jwt-bearer for using JWTs for authorization as described in the JWT Bearer Token Profiles for OAuth 2.0 specifications.

The authorization code received from the authorize request. Required only if the grant_type is 'authorization_code'

The refresh token, which can be used to obtain new access tokens using the same authorization grant

The assertion being used as an authorization grant.If an assertion is not valid or has expired 'invalid_grant' error code is returned

subject_token_type

subject_token