# OAuth Grant Types

OAuth Grant Types are different ways you can get access token for your own Passolution account or on behalf of a Passolution user. They have different limitations and use cases which are explained below.

## Authorization Code

This is the most widely used grant type for **applications that require delegated access** (access on a user's behalf) and **have its own servers** that can directly interact with our Authorization Server (web.passolution.eu) to get access tokens.

## Authorization Code Grant With PKCE

This grant type is used when you **don't have your own servers** that can securely store your OAuth Client Secret & user's access tokens but still **need delegated access** on Passolution user's behalf.

For example, if you have a Single Page App without backend servers, you can get access token with this grant type and store the access token for user in their browser itself (Web Storage API).

## Client Credentials

This grant type can be used to **get access token for your own Passolution account only**. Kindly note that this grant type does not provide access on other Passolution user's behalf.