Added clarity about ROPC & usage from RFC

author: Jonathan Huot <jonathan.huot@gmail.com> 2019-10-25 11:10:27 +0200
committer: Jonathan Huot <jonathan.huot@gmail.com> 2019-10-25 11:10:27 +0200
commit: 842f5da2702ad76bb043c48ad5726da754277828 (patch)
tree: 95d37434f1394bbd541b973eb543ea958400737d /docs
parent: 3a4459bdd83744a3cd3a698997a6a4b483b0c6e0 (diff)
download: oauthlib-842f5da2702ad76bb043c48ad5726da754277828.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/docs/oauth2/grants/grants.rst b/docs/oauth2/grants/grants.rst
index d2d9dcc..e183761 100644
--- a/docs/oauth2/grants/grants.rst
+++ b/docs/oauth2/grants/grants.rst
@@ -21,8 +21,10 @@ serves less secure applications such as Mobile Applications or
 Single-Page Applications, the :doc:`Client Credentials grant
 </oauth2/grants/credentials>` is excellent for embedded services and
 backend applications. We have also the :doc:`Resource Owner Password
-Credentials grant </oauth2/grants/password>` for legacy applications
-to incrementally transition to OAuth 2.
+Credentials grant </oauth2/grants/password>` when there is a high
+degree of trust between the resource owner and the client, and when
+other authorization grant types are not available. This is also often
+used for legacy applications to incrementally transition to OAuth 2.
 
 The main purpose of the grant types is to authorize access to protected
 resources in various ways with different security credentials.
author	Jonathan Huot <jonathan.huot@gmail.com>	2019-10-25 11:10:27 +0200
committer	Jonathan Huot <jonathan.huot@gmail.com>	2019-10-25 11:10:27 +0200
commit	842f5da2702ad76bb043c48ad5726da754277828 (patch)
tree	95d37434f1394bbd541b973eb543ea958400737d /docs
parent	3a4459bdd83744a3cd3a698997a6a4b483b0c6e0 (diff)
download	oauthlib-842f5da2702ad76bb043c48ad5726da754277828.tar.gz