SecureAuth IdP Version affected: 9.0+
It is not recommended to send a user's password via a bearer token. However, in certain scenarios, the Oidc client requires the users password for legacy delegation purposes.
1. Configure the realm to send the user password in the send token.
2. Create a custom Oidc claim under Post Authentication. (Leave the property unmapped)
3. Modify the web.config to send the password in the custom claim. 31 is the value for password. This will not be displayed in the UI.