This flow is suitable for client applications who have a trust relationship with resource owners.In this flow, the client application sends user's credentials along with its own credentials to the authorization server (Identity Server). Identity Server provides an Access token and an Refresh token to the client application. The user does not need to log in to approve the request.