OAuth 2.0 Resource Owner Password Credentials (ROPC), also known in Postman as the 'Password Credentials' OAuth 2.0 Grant Type.
See here for more information: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
The current allowed method from the Generic OAuth 2.0 - Generic Oauth 2 Identity Provider only allows for: Client id & Client secret.
This does not grant access to OAuth 2.0 APIs that use a 'Password Credentials' method, using 'Username' and 'Password'
This is a necessary feature addition to Custom Connectors enable developers to use API authentication that have expiration on their bearer tokens, and can only be logged in via Username and Password.
These are the directions that I was given to call a REST API, but believe that I cannot complete it, because of this inability to use the grant_type.
--- REST API Instructions ---
To make a REST API call, you must include request headers including the Authorization header with an OAuth 2.0 access token. To get an access token, pass the [ApiClientKey]:[ApiClientSecret] credentials to the Authorization Server in base64 format in the Authorization header in a get access token request. To make a REST API call, you must include request headers including the Authorization header with an OAuth 2.0 access token.
POST /auth/token HTTP/1.1Host: restapi.companyxyz.comContent-Type: application/x-www-form-urlencodedAuthorization: Basic [user.secret in base64 format]Cache-Control: no-cache
Using the access token provided in the authorization response, the API client can now access the REST API on behalf of the authorizing user as follows: