The OAuth 2.0 standard considers that a client application accesses Modulo Risk Manager data or features, requiring its user to have active credentials in the system without sharing these credentials with the client application itself (4.1 Authorization code).