Getting Unauthorized Client when using password grant _type Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Raghav GuptaRaghav Gupta 

Getting Unauthorized Client when using password grant _type

I am trying to use Implicit Flow To get token but getting below error.
    "error": "unauthorized_client",
    "error_description": "The client is not authorized to use this grant type."

I have given my Application all the permission in the client application dashboard. 
Any reason why I am still getting this error. Below are the permissions I have Given.User-added image
Razvan NegriRazvan Negri (Okta, Inc.)
Test with the App assigned to a Super Admin and see if it still happens.
Ajay Singh AdminAjay Singh Admin
Was this resolved? I have facing same issue. I also verfied that a "Super Admin" is assigned to the applicaiton but still getting "unauthorized_client" for grant_type as password.
John HersonJohn Herson
anyone find a fix for this? I also started getting this error message when using grant_type password (it used to work) and now authentication for my application is broken.
John MedlongJohn Medlong
tl;dr: Editing *and saving* anything in the General Settings section of the General tab in an Application Detail will blow away grant_types of "password", with no way to recover in the GUI.  It's a valid API option, but there is no checkbox for "password", so guessing save overwrites the array without the value.  


Did you migrate from Stormpath?  I did, and just hit this today, but no matter what

API docs for managing apps.
There's a postman link there, but see below if you haven't used yet.

The process:

1. GET your appid from either the "Client ID" in the UI app list, or List Applications from API

2. GET your app information, then copy the ENTIRE body of the response from

which should look something like
    "id": "[123abc]",
    "name": "oidc_client",
    "label": "[app name]",

3. PUT all the same information, adding password (as noted, there is no delta updates, all proporties must be there, BE CAREFUL!!!!!)

In postman, after setting to PUT, go to Body, select "raw", and paste the data.
then find "grant_types" and add "password"
"grant_types": [
                ...existing types... ,

and working!

Getting started with postman if you haven't used it yet, go to
and pay attention to #3

In my case at least, I must assume the Stormpath migration added password grant type directly in the API.  Spent hours trying to figure out what the heck is going on, and have now learned many details about Okta in getting there....  :)  Side note: I fell for one of the oldest wild goose chases.  It's just a GUI missing an API option, but chased many complicated nefarious possibilities first!
Swapnil DewanganSwapnil Dewangan

I was also getting this unauthorized_client error while trying to authenticate the user. I tried to authenticate the user with 'password' grant type. 

But one thing I found that when you created an Application of type 'Web' from Okta console then it will not support the 'password' grant type.

I have created a new application from Okta console and select the application type as native and it's working fine with the password grant type.

Daniel MooneyDaniel Mooney
John Medlong, just wanted to verify that your solution RESOLVED my issue (and wanted to ensure that 'resolved' was somewhere in the body here for search engines).  Configuring Postman was the majority of the work, and it feels a little dicey doing things this way, but it worked perfectly.