Complete the ROPC setup with the respective authorization server. The EAM SOAP web services can be accessed by passing the SSO credentials in the SOAP header in a similar fashion as to how the SOAP webservices are accessed when WS-TRUST is enabled.
MFA should not be enabled for the User to access the EAM SOAP webservices using ROPC
and the OIDC client should be configured as a Confidential Client.
ROPC uses the Resource Owner Password Grant authentication flow and this would be deprecated in the future versions of the OIDC protocol due to security reasons. ROPC is a temporary alternative for authorization servers which don’t support WS-TRUST but support the Resource Owner Password Grant authentication flow of Open ID Connect. So, we encourage that the customers generate OIDC ID token using Authorization code grant flow as described in the earlier sections and access the webservices instead of using ROPC.