Please note that this extension retrieves the Client ID and Client Secrets for your Applications using the Management API. This information is subsequently used to call Authentication API endpoints where applicable.
However, it isn't the case with Password Grant. Requests to /oauth/token are missing the client_secret parameter as can be seen below:
There is an introductory note that reads:
However, it isn't the case with Password Grant. Requests to
/oauth/token
are missing theclient_secret
parameter as can be seen below: