http://www.rfc-editor.org/rfc/rfc7628.txt
RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth
W. Mills, T. Showalter, H. Tschofenig
2015-08-01T23:00:00-00:00

Clients typically store the user's long-term credential. This does, however, lead to significant security vulnerabilities, for example, when such a credential leaks. A significant benefit of OAuth for usage in those clients is that the password is replaced by a shared secret with higher entropy, i.e., the token. Tokens typically provide limited access rights and can be managed and revoked separately from the user's long-term password.