Applications That Are Using ROPC Authentication Flow (55695bc0-c8cf-461f-a379-2535f563c854)
Resource owner password credentials (ROPC) should be avoided if at all possible as this requires the user to expose their current password credentials to the application directly. The application then uses those credentials to authenticate the user against the identity provider.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) | Attack Pattern | Applications That Are Using ROPC Authentication Flow (55695bc0-c8cf-461f-a379-2535f563c854) | Sigma-Rules | 1 |