glide.oauth.inbound.ropc.grant_type.disabled

ServiceNow property description:

Disable resource owner password credentials grant type for inbound oauth token requests

Attributes

  • Sys ID: 3d010740ff3022105a97ffffffffff29
  • Type: true | false
  • Application: Global
  • Default value: false
AI Logo

AI generated property description:

The ServiceNow property glide.oauth.inbound.ropc.grant_type.disabled controls whether the Resource Owner Password Credentials (ROPC) grant type is disabled for inbound OAuth token requests. Its default value is false, meaning ROPC is allowed by default, enabling clients to exchange a username and password directly for an access token. Setting the property to true blocks this grant type, improving security by preventing password-based token requests, which are generally considered less secure than modern grant types like authorization code or client credentials. Administrators typically disable ROPC in environments with strict security requirements or when promoting best practices for OAuth 2.0 usage. Leaving it enabled may ease integration but exposes higher risk due to direct password handling.

Source

Related property: glide.oauth.outbound.token.request.via_mid.enabled