The grant_typeURL parameter is required by OAuth2 RFCfor the /tokenendpoint, which exchanges a grant for real tokens. So the OAuth2 server knows what you are sending to it. You are using the Resource Owner Password Credentials Grant, so you must specify it with the value password.

该grant_typeURL参数所要求的OAuth2 RFC的/token终点，这对交换令牌真正的授权。所以 OAuth2 服务器知道你向它发送了什么。您正在使用Resource Owner Password Credentials Grant，因此您必须使用值指定它password。

From the OAuth2 RFC:

来自 OAuth2 RFC：

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token.

授权许可是一种凭证，表示客户端用于获取访问令牌的资源所有者授权（访问其受保护的资源）。

The grant_type=passwordmeans that you are sending a username and a password to the /tokenendpoint. If you used the Authorization Code Grantflow, you could use the value authorization_code. But then you don't send the username+password pair, but a code received from the OAuth2 server after user authentication. The code is an arbitrary string - not human readable. It's nicely shown in the workflow diagrams in the RFC.

这grant_type=password意味着您正在向/token端点发送用户名和密码。如果您使用了授权代码授予流程，则可以使用值authorization_code。但是随后您不会发送用户名+密码对，而是在用户身份验证后从 OAuth2 服务器接收到的代码。代码是一个任意字符串 - 不是人类可读的。它很好地显示在 RFC 的工作流图中。