The resource owner credentials are similar to the client credentials flow, with the difference being that, in this case, the resource owner credentials are used to access a protected resource owned by the resource owner.
In this flow, the resource owner exchanges credentials with the client application via a user-agent, for example, a mobile application or a web application. The application then uses the credentials to authenticate against the authorization server to obtain an access token, then used to access a protected resource.