diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/collection-level-headers-auth-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/collection-level-headers-auth-coll.json
index 03d2598ee..5e779482f 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/collection-level-headers-auth-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/collection-level-headers-auth-coll.json
@@ -17,7 +17,7 @@
                 "folders": [],
                 "requests": [
                   {
-                    "v": "2",
+                    "v": "3",
                     "endpoint": "https://echo.hoppscotch.io",
                     "name": "RequestD",
                     "params": [],
@@ -53,7 +53,7 @@
             ],
             "requests": [
               {
-                "v": "2",
+                "v": "3",
                 "endpoint": "https://echo.hoppscotch.io",
                 "name": "RequestC",
                 "params": [],
@@ -90,7 +90,7 @@
         ],
         "requests": [
           {
-            "v": "2",
+            "v": "3",
             "endpoint": "https://echo.hoppscotch.io",
             "name": "RequestB",
             "params": [],
@@ -119,7 +119,7 @@
     ],
     "requests": [
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.io",
         "name": "RequestA",
         "params": [],
@@ -162,7 +162,7 @@
         "folders": [],
         "requests": [
           {
-            "v": "2",
+            "v": "3",
             "endpoint": "https://echo.hoppscotch.io",
             "name": "RequestB",
             "params": [],
@@ -191,7 +191,7 @@
     ],
     "requests": [
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.io",
         "name": "RequestA",
         "params": [],
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/env-flag-tests-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/env-flag-tests-coll.json
index 879264f7f..ded538ab1 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/env-flag-tests-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/env-flag-tests-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "endpoint": "<<URL>>",
       "name": "test1",
       "params": [],
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/fails-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/fails-coll.json
index fec2e4e89..b81720491 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/fails-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/fails-coll.json
@@ -5,7 +5,7 @@
     "folders": [],
     "requests": [
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE1>>",
         "name": "",
         "params": [],
@@ -13,10 +13,7 @@
         "method": "GET",
         "auth": {
           "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
         },
         "preRequestScript": "pw.env.set(\"HEADERS_TYPE1\", \"devblin_local1\");",
         "testScript": "// Check status code is 200\npwd.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(200);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"string\");\n});",
@@ -24,10 +21,10 @@
           "contentType": "application/json",
           "body": "{\n\"test\": \"<<HEADERS_TYPE1>>\"\n}"
         },
-        "requestVariables": [],
+        "requestVariables": []
       },
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.dio/<<HEADERS_TYPE2>>",
         "name": "success",
         "params": [],
@@ -35,10 +32,7 @@
         "method": "GET",
         "auth": {
           "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
         },
         "preRequestScript": "pw.env.setd(\"HEADERS_TYPE2\", \"devblin_local2\");",
         "testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(300);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"object\");\n});",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/malformed-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/malformed-coll.json
index 9050f523c..a4c467215 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/malformed-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/malformed-coll.json
@@ -4,7 +4,7 @@
 		"folders": [],
 		"requests":
 			{
-				"v": "2",
+				"v": "3",
 				"endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE1>>",
 				"name": "fail",
 				"params": [],
@@ -12,10 +12,7 @@
 				"method": "GET",
 				"auth": {
 					"authType": "none",
-					"authActive": true,
-					"addTo": "Headers",
-					"key": "",
-					"value": ""
+					"authActive": true
 				},
 				"preRequestScript": "pw.env.set(\"HEADERS_TYPE1\", \"devblin_local1\");",
 				"testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(200);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"string\");\n});",
@@ -26,7 +23,7 @@
         "requestVariables": [],
 			},
 			{
-				"v": "2",
+				"v": "3",
 				"endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE2>>",
 				"name": "success",
 				"params": [],
@@ -34,10 +31,7 @@
 				"method": "GET",
 				"auth": {
 					"authType": "none",
-					"authActive": true,
-					"addTo": "Headers",
-					"key": "",
-					"value": ""
+					"authActive": true
 				},
 				"preRequestScript": "pw.env.set(\"HEADERS_TYPE2\", \"devblin_local2\");",
 				"testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(300);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"object\");\n});",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/passes-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/passes-coll.json
index fb448bd17..e958164a3 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/passes-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/passes-coll.json
@@ -5,7 +5,7 @@
     "folders": [],
     "requests": [
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE1>>",
         "name": "",
         "params": [],
@@ -13,10 +13,7 @@
         "method": "GET",
         "auth": {
           "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
         },
         "preRequestScript": "pw.env.set(\"HEADERS_TYPE1\", \"devblin_local1\");",
         "testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(200);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"object\");\n});",
@@ -27,7 +24,7 @@
         "requestVariables": []
       },
       {
-        "v": "2",
+        "v": "3",
         "endpoint": "https://echo.hoppscotch.io/<<HEADERS_TYPE2>>",
         "name": "success",
         "params": [],
@@ -35,10 +32,7 @@
         "method": "GET",
         "auth": {
           "authType": "none",
-          "authActive": true,
-          "addTo": "Headers",
-          "key": "",
-          "value": ""
+          "authActive": true
         },
         "preRequestScript": "pw.env.set(\"HEADERS_TYPE2\", \"devblin_local2\");",
         "testScript": "// Check status code is 200\npw.test(\"Status code is 200\", ()=> {\n    pw.expect(pw.response.status).toBe(200);\n});\n\n// Check JSON response property\npw.test(\"Check JSON response property\", ()=> {\n    pw.expect(pw.response.body.method).toBe(\"GET\");\n    pw.expect(pw.response.body.headers).toBeType(\"object\");\n});",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/pre-req-script-env-var-persistence-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/pre-req-script-env-var-persistence-coll.json
index c0197b092..0d625b81b 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/pre-req-script-env-var-persistence-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/pre-req-script-env-var-persistence-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "auth": { "authType": "none", "authActive": true },
       "body": { "body": null, "contentType": null },
       "name": "sample-req",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/req-body-env-vars-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/req-body-env-vars-coll.json
index 0e5f4590b..0ddf3ef31 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/req-body-env-vars-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/req-body-env-vars-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "name": "test-request",
       "endpoint": "https://echo.hoppscotch.io",
       "method": "POST",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-coll.json
index 57889f26b..2cea26e85 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "auth": { "authType": "none", "authActive": true },
       "body": { "body": null, "contentType": null },
       "name": "test-secret-headers",
@@ -23,7 +23,7 @@
       "preRequestScript": "const secretHeaderValueFromPreReqScript = pw.env.get(\"secretHeaderValue\")\npw.env.set(\"secretHeaderValueFromPreReqScript\", secretHeaderValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": { "authType": "none", "authActive": true },
       "body": {
         "body": "{\n  \"secretBodyKey\": \"<<secretBodyValue>>\"\n}",
@@ -39,7 +39,7 @@
       "preRequestScript": "const secretBodyValueFromPreReqScript = pw.env.get(\"secretBodyValue\")\npw.env.set(\"secretBodyValueFromPreReqScript\", secretBodyValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": { "authType": "none", "authActive": true },
       "body": { "body": null, "contentType": null },
       "name": "test-secret-query-params",
@@ -58,7 +58,7 @@
       "preRequestScript": "const secretQueryParamValueFromPreReqScript = pw.env.get(\"secretQueryParamValue\")\npw.env.set(\"secretQueryParamValueFromPreReqScript\", secretQueryParamValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "basic",
         "password": "<<secretBasicAuthPassword>>",
@@ -76,7 +76,7 @@
       "preRequestScript": ""
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "token": "<<secretBearerToken>>",
         "authType": "bearer",
@@ -95,7 +95,7 @@
       "preRequestScript": "const secretBearerToken = pw.env.get(\"secretBearerToken\")\npw.env.set(\"preReqSecretBearerToken\", secretBearerToken)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": { "authType": "none", "authActive": true },
       "body": { "body": null, "contentType": null },
       "name": "test-secret-fallback",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-coll.json
index 04a32e680..823eec801 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "none",
         "authActive": true
@@ -29,7 +29,7 @@
       "preRequestScript": "pw.env.set(\"secretHeaderValue\", \"secret-header-value\")\n\nconst secretHeaderValueFromPreReqScript = pw.env.getResolve(\"secretHeaderValue\")\npw.env.set(\"secretHeaderValueFromPreReqScript\", secretHeaderValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "none",
         "authActive": true
@@ -54,7 +54,7 @@
       "preRequestScript": "pw.env.set(\"secretHeaderValue\", \"secret-header-value-overriden\")\n\nconst secretHeaderValueFromPreReqScript = pw.env.getResolve(\"secretHeaderValue\")\npw.env.set(\"secretHeaderValueFromPreReqScript\", secretHeaderValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "none",
         "authActive": true
@@ -73,7 +73,7 @@
       "preRequestScript": "const secretBodyValue = pw.env.get(\"secretBodyValue\")\n\nif (!secretBodyValue) { \n  pw.env.set(\"secretBodyValue\", \"secret-body-value\")\n}\n\nconst secretBodyValueFromPreReqScript = pw.env.get(\"secretBodyValue\")\npw.env.set(\"secretBodyValueFromPreReqScript\", secretBodyValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "none",
         "authActive": true
@@ -98,7 +98,7 @@
       "preRequestScript": "const secretQueryParamValue = pw.env.get(\"secretQueryParamValue\")\n\nif (!secretQueryParamValue) {\n  pw.env.set(\"secretQueryParamValue\", \"secret-query-param-value\")\n}\n\nconst secretQueryParamValueFromPreReqScript = pw.env.get(\"secretQueryParamValue\")\npw.env.set(\"secretQueryParamValueFromPreReqScript\", secretQueryParamValueFromPreReqScript)"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "authType": "basic",
         "password": "<<secretBasicAuthPassword>>",
@@ -119,7 +119,7 @@
       "preRequestScript": "let secretBasicAuthUsername = pw.env.get(\"secretBasicAuthUsername\")\n\nlet secretBasicAuthPassword = pw.env.get(\"secretBasicAuthPassword\")\n\nif (!secretBasicAuthUsername) {\n  pw.env.set(\"secretBasicAuthUsername\", \"test-user\")\n}\n\nif (!secretBasicAuthPassword) {\n  pw.env.set(\"secretBasicAuthPassword\", \"test-pass\")\n}"
     },
     {
-      "v": "2",
+      "v": "3",
       "auth": {
         "token": "<<secretBearerToken>>",
         "authType": "bearer",
diff --git a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-scripting-coll.json b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-scripting-coll.json
index 76ab9ea89..61dc17cd2 100644
--- a/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-scripting-coll.json
+++ b/packages/hoppscotch-cli/src/__tests__/samples/collections/secret-envs-persistence-scripting-coll.json
@@ -4,7 +4,7 @@
   "folders": [],
   "requests": [
     {
-      "v": "2",
+      "v": "3",
       "endpoint": "https://httpbin.org/post",
       "name": "req",
       "params": [],
diff --git a/packages/hoppscotch-cli/src/options/test/env.ts b/packages/hoppscotch-cli/src/options/test/env.ts
index 6e1c45271..1f0be6de4 100644
--- a/packages/hoppscotch-cli/src/options/test/env.ts
+++ b/packages/hoppscotch-cli/src/options/test/env.ts
@@ -6,7 +6,7 @@ import { error } from "../../types/errors";
 import {
   HoppEnvKeyPairObject,
   HoppEnvPair,
-  HoppEnvs
+  HoppEnvs,
 } from "../../types/request";
 import { readJsonFile } from "../../utils/mutators";
 
@@ -17,7 +17,7 @@ import { readJsonFile } from "../../utils/mutators";
  */
 export async function parseEnvsData(path: string) {
   const contents = await readJsonFile(path);
-  const envPairs: Array<Environment["variables"][number] | HoppEnvPair> = [];
+  const envPairs: Array<HoppEnvPair | Record<string, string>> = [];
 
   // The legacy key-value pair format that is still supported
   const HoppEnvKeyPairResult = HoppEnvKeyPairObject.safeParse(contents);
@@ -26,7 +26,9 @@ export async function parseEnvsData(path: string) {
   const HoppEnvExportObjectResult = Environment.safeParse(contents);
 
   // Shape of the bulk environment export object that is exported from the app
-  const HoppBulkEnvExportObjectResult = z.array(entityReference(Environment)).safeParse(contents)
+  const HoppBulkEnvExportObjectResult = z
+    .array(entityReference(Environment))
+    .safeParse(contents);
 
   // CLI doesnt support bulk environments export
   // Hence we check for this case and throw an error if it matches the format
@@ -36,7 +38,10 @@ export async function parseEnvsData(path: string) {
 
   //  Checks if the environment file is of the correct format
   // If it doesnt match either of them, we throw an error
-  if (!HoppEnvKeyPairResult.success && HoppEnvExportObjectResult.type === "err") {
+  if (
+    !HoppEnvKeyPairResult.success &&
+    HoppEnvExportObjectResult.type === "err"
+  ) {
     throw error({ code: "MALFORMED_ENV_FILE", path, data: error });
   }
 
diff --git a/packages/hoppscotch-cli/src/utils/pre-request.ts b/packages/hoppscotch-cli/src/utils/pre-request.ts
index b576ac9aa..c4227c790 100644
--- a/packages/hoppscotch-cli/src/utils/pre-request.ts
+++ b/packages/hoppscotch-cli/src/utils/pre-request.ts
@@ -109,18 +109,31 @@ export function getEffectiveRESTRequest(
         key: "Authorization",
         value: `Basic ${btoa(`${username}:${password}`)}`,
       });
-    } else if (
-      request.auth.authType === "bearer" ||
-      request.auth.authType === "oauth-2"
-    ) {
+    } else if (request.auth.authType === "bearer") {
       effectiveFinalHeaders.push({
         active: true,
         key: "Authorization",
-        value: `Bearer ${parseTemplateString(
-          request.auth.token,
-          envVariables
-        )}`,
+        value: `Bearer ${parseTemplateString(request.auth.token, envVariables)}`,
       });
+    } else if (request.auth.authType === "oauth-2") {
+      const { addTo } = request.auth;
+
+      if (addTo === "HEADERS") {
+        effectiveFinalHeaders.push({
+          active: true,
+          key: "Authorization",
+          value: `Bearer ${parseTemplateString(request.auth.grantTypeInfo.token, envVariables)}`,
+        });
+      } else if (addTo === "QUERY_PARAMS") {
+        effectiveFinalParams.push({
+          active: true,
+          key: "access_token",
+          value: parseTemplateString(
+            request.auth.grantTypeInfo.token,
+            envVariables
+          ),
+        });
+      }
     } else if (request.auth.authType === "api-key") {
       const { key, value, addTo } = request.auth;
       if (addTo === "Headers") {
diff --git a/packages/hoppscotch-cli/src/utils/request.ts b/packages/hoppscotch-cli/src/utils/request.ts
index 3e15b2979..81513bd21 100644
--- a/packages/hoppscotch-cli/src/utils/request.ts
+++ b/packages/hoppscotch-cli/src/utils/request.ts
@@ -41,10 +41,10 @@ const processVariables = (variable: Environment["variables"][number]) => {
       ...variable,
       value:
         "value" in variable ? variable.value : process.env[variable.key] || "",
-    }
+    };
   }
-  return variable
-}
+  return variable;
+};
 
 /**
  * Processes given envs, which includes processing each variable in global
@@ -56,10 +56,10 @@ const processEnvs = (envs: HoppEnvs) => {
   const processedEnvs = {
     global: envs.global.map(processVariables),
     selected: envs.selected.map(processVariables),
-  }
+  };
 
-  return processedEnvs
-}
+  return processedEnvs;
+};
 
 /**
  * Transforms given request data to request-config used by request-runner to
@@ -70,7 +70,7 @@ const processEnvs = (envs: HoppEnvs) => {
 export const createRequest = (req: EffectiveHoppRESTRequest): RequestConfig => {
   const config: RequestConfig = {
     supported: true,
-    displayUrl: req.effectiveFinalDisplayURL
+    displayUrl: req.effectiveFinalDisplayURL,
   };
   const { finalBody, finalEndpoint, finalHeaders, finalParams } = getRequest;
   const reqParams = finalParams(req);
@@ -131,6 +131,7 @@ export const requestRunner =
       let status: number;
       const baseResponse = await axios(requestConfig);
       const { config } = baseResponse;
+      // PR-COMMENT: type error
       const runnerResponse: RequestRunnerResponse = {
         ...baseResponse,
         endpoint: getRequest.endpoint(config.url),
@@ -257,10 +258,13 @@ export const processRequest =
     let updatedEnvs = <HoppEnvs>{};
 
     // Fetch values for secret environment variables from system environment
-    const processedEnvs = processEnvs(envs)
+    const processedEnvs = processEnvs(envs);
 
     // Executing pre-request-script
-    const preRequestRes = await preRequestScriptRunner(request, processedEnvs)();
+    const preRequestRes = await preRequestScriptRunner(
+      request,
+      processedEnvs
+    )();
     if (E.isLeft(preRequestRes)) {
       printPreRequestRunner.fail();
 
@@ -347,7 +351,7 @@ export const processRequest =
  */
 export const preProcessRequest = (
   request: HoppRESTRequest,
-  collection: HoppCollection,
+  collection: HoppCollection
 ): HoppRESTRequest => {
   const tempRequest = Object.assign({}, request);
   const { headers: parentHeaders, auth: parentAuth } = collection;
@@ -372,8 +376,10 @@ export const preProcessRequest = (
     // Filter out header entries present in the parent (folder/collection) under the same name
     // This ensures the child headers take precedence over the parent headers
     const filteredEntries = parentHeaders.filter((parentHeaderEntries) => {
-      return !tempRequest.headers.some((reqHeaderEntries) => reqHeaderEntries.key === parentHeaderEntries.key)
-    })
+      return !tempRequest.headers.some(
+        (reqHeaderEntries) => reqHeaderEntries.key === parentHeaderEntries.key
+      );
+    });
     tempRequest.headers.push(...filteredEntries);
   } else if (!tempRequest.headers) {
     tempRequest.headers = [];
diff --git a/packages/hoppscotch-common/locales/en.json b/packages/hoppscotch-common/locales/en.json
index 6ac98710a..a93843c80 100644
--- a/packages/hoppscotch-common/locales/en.json
+++ b/packages/hoppscotch-common/locales/en.json
@@ -137,7 +137,26 @@
       "redirect_no_token_endpoint": "No Token Endpoint Defined",
       "something_went_wrong_on_oauth_redirect": "Something went wrong during OAuth Redirect",
       "something_went_wrong_on_token_generation": "Something went wrong on token generation",
-      "token_generation_oidc_discovery_failed": "Failure on token generation: OpenID Connect Discovery Failed"
+      "token_generation_oidc_discovery_failed": "Failure on token generation: OpenID Connect Discovery Failed",
+      "grant_type": "Grant Type",
+      "grant_type_auth_code": "Authorization Code",
+      "token_fetched_successfully": "Token fetched successfully",
+      "token_fetch_failed": "Failed to fetch token",
+      "validation_failed": "Validation Failed, please check the form fields",
+      "label_authorization_endpoint": "Authorization Endpoint",
+      "label_client_id": "Client ID",
+      "label_client_secret": "Client Secret",
+      "label_code_challenge": "Code Challenge",
+      "label_code_challenge_method": "Code Challenge Method",
+      "label_code_verifier": "Code Verifier",
+      "label_scopes": "Scopes",
+      "label_token_endpoint": "Token Endpoint",
+      "label_use_pkce": "Use PKCE",
+      "label_implicit": "Implicit",
+      "label_password": "Password",
+      "label_username": "Username",
+      "label_auth_code": "Authorization Code",
+      "label_client_credentials": "Client Credentials"
     },
     "pass_key_by": "Pass by",
     "password": "Password",
diff --git a/packages/hoppscotch-common/src/components.d.ts b/packages/hoppscotch-common/src/components.d.ts
index 20783de26..75b5ec66e 100644
--- a/packages/hoppscotch-common/src/components.d.ts
+++ b/packages/hoppscotch-common/src/components.d.ts
@@ -1,5 +1,7 @@
-// generated by unplugin-vue-components
-// We suggest you to commit this file into source control
+/* eslint-disable */
+/* prettier-ignore */
+// @ts-nocheck
+// Generated by unplugin-vue-components
 // Read more: https://github.com/vuejs/core/pull/3399
 import "@vue/runtime-core"
 
diff --git a/packages/hoppscotch-common/src/components/collections/Properties.vue b/packages/hoppscotch-common/src/components/collections/Properties.vue
index f23c64173..642679065 100644
--- a/packages/hoppscotch-common/src/components/collections/Properties.vue
+++ b/packages/hoppscotch-common/src/components/collections/Properties.vue
@@ -8,7 +8,7 @@
   >
     <template #body>
       <HoppSmartTabs
-        v-model="selectedOptionTab"
+        v-model="activeTab"
         styles="sticky overflow-x-auto flex-shrink-0 bg-primary top-0 z-10 !-py-4"
         render-inactive-tabs
       >
@@ -16,7 +16,6 @@
           <HttpHeaders
             v-model="editableCollection"
             :is-collection-property="true"
-            @change-tab="changeOptionTab"
           />
           <div
             class="bg-bannerInfo px-4 py-2 flex items-center sticky bottom-0"
@@ -34,6 +33,7 @@
             :is-collection-property="true"
             :is-root-collection="editingProperties?.isRootCollection"
             :inherited-properties="editingProperties?.inheritedProperties"
+            :source="source"
           />
           <div
             class="bg-bannerInfo px-4 py-2 flex items-center sticky bottom-0"
@@ -64,16 +64,20 @@
 </template>
 
 <script setup lang="ts">
-import { watch, ref } from "vue"
 import { useI18n } from "@composables/i18n"
 import { HoppCollection, HoppRESTAuth, HoppRESTHeaders } from "@hoppscotch/data"
-import { RESTOptionTabs } from "../http/RequestOptions.vue"
 import { clone } from "lodash-es"
 import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
+import { PersistenceService } from "~/services/persistence"
+import { useService } from "dioc/vue"
+import { ref, watch } from "vue"
 
+import { useVModel } from "@vueuse/core"
+
+const persistenceService = useService(PersistenceService)
 const t = useI18n()
 
-type EditingProperties = {
+export type EditingProperties = {
   collection: Partial<HoppCollection> | null
   isRootCollection: boolean
   path: string
@@ -85,6 +89,8 @@ const props = withDefaults(
     show: boolean
     loadingState: boolean
     editingProperties: EditingProperties | null
+    source: "REST" | "GraphQL"
+    modelValue: string
   }>(),
   {
     show: false,
@@ -99,6 +105,7 @@ const emit = defineEmits<{
     newCollection: Omit<EditingProperties, "inheritedProperties">
   ): void
   (e: "hide-modal"): void
+  (e: "update:modelValue"): void
 }>()
 
 const editableCollection = ref<{
@@ -112,11 +119,27 @@ const editableCollection = ref<{
   },
 })
 
-const selectedOptionTab = ref("headers")
+watch(
+  editableCollection,
+  (updatedEditableCollection) => {
+    if (props.show) {
+      persistenceService.setLocalConfig(
+        "unsaved_collection_properties",
+        JSON.stringify(<EditingProperties>{
+          collection: updatedEditableCollection,
+          isRootCollection: props.editingProperties?.isRootCollection,
+          path: props.editingProperties?.path,
+          inheritedProperties: props.editingProperties?.inheritedProperties,
+        })
+      )
+    }
+  },
+  {
+    deep: true,
+  }
+)
 
-const changeOptionTab = (tab: RESTOptionTabs) => {
-  selectedOptionTab.value = tab
-}
+const activeTab = useVModel(props, "modelValue", emit)
 
 watch(
   () => props.show,
@@ -136,6 +159,8 @@ watch(
           authActive: false,
         },
       }
+
+      persistenceService.removeLocalConfig("unsaved_collection_properties")
     }
   }
 )
@@ -152,9 +177,11 @@ const saveEditedCollection = () => {
     isRootCollection: props.editingProperties.isRootCollection,
   }
   emit("set-collection-properties", collection as EditingProperties)
+  persistenceService.removeLocalConfig("unsaved_collection_properties")
 }
 
 const hideModal = () => {
+  persistenceService.removeLocalConfig("unsaved_collection_properties")
   emit("hide-modal")
 }
 </script>
diff --git a/packages/hoppscotch-common/src/components/collections/graphql/index.vue b/packages/hoppscotch-common/src/components/collections/graphql/index.vue
index e69099bb4..b2878d49e 100644
--- a/packages/hoppscotch-common/src/components/collections/graphql/index.vue
+++ b/packages/hoppscotch-common/src/components/collections/graphql/index.vue
@@ -146,8 +146,10 @@
       @hide-modal="displayModalImportExport(false)"
     />
     <CollectionsProperties
+      v-model="collectionPropertiesModalActiveTab"
       :show="showModalEditProperties"
       :editing-properties="editingProperties"
+      source="GraphQL"
       @hide-modal="displayModalEditProperties(false)"
       @set-collection-properties="setCollectionProperties"
     />
@@ -155,7 +157,7 @@
 </template>
 
 <script setup lang="ts">
-import { nextTick, ref } from "vue"
+import { nextTick, onMounted, ref } from "vue"
 import { clone, cloneDeep } from "lodash-es"
 import {
   graphqlCollections$,
@@ -178,6 +180,7 @@ import { GQLTabService } from "~/services/tab/graphql"
 import { computed } from "vue"
 import {
   HoppCollection,
+  HoppGQLAuth,
   HoppGQLRequest,
   makeGQLRequest,
 } from "@hoppscotch/data"
@@ -186,6 +189,10 @@ import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
 import { updateInheritedPropertiesForAffectedRequests } from "~/helpers/collection/collection"
 import { useToast } from "~/composables/toast"
 import { getRequestsByPath } from "~/helpers/collection/request"
+import { PersistenceService } from "~/services/persistence"
+import { PersistedOAuthConfig } from "~/services/oauth/oauth.service"
+import { GQLOptionTabs } from "~/components/graphql/RequestOptions.vue"
+import { EditingProperties } from "../Properties.vue"
 
 const t = useI18n()
 const toast = useToast()
@@ -232,6 +239,52 @@ const editingProperties = ref<{
 
 const filterText = ref("")
 
+const persistenceService = useService(PersistenceService)
+
+const collectionPropertiesModalActiveTab = ref<GQLOptionTabs>("headers")
+
+onMounted(() => {
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  if (!localOAuthTempConfig) {
+    return
+  }
+
+  const { context, source, token }: PersistedOAuthConfig =
+    JSON.parse(localOAuthTempConfig)
+
+  if (source === "REST") {
+    return
+  }
+
+  if (context?.type === "collection-properties") {
+    // load the unsaved editing properties
+    const unsavedCollectionPropertiesString = persistenceService.getLocalConfig(
+      "unsaved_collection_properties"
+    )
+
+    if (unsavedCollectionPropertiesString) {
+      const unsavedCollectionProperties: EditingProperties<"GraphQL"> =
+        JSON.parse(unsavedCollectionPropertiesString)
+
+      const auth = unsavedCollectionProperties.collection?.auth
+
+      if (auth?.authType === "oauth-2") {
+        const grantTypeInfo = auth.grantTypeInfo
+
+        grantTypeInfo && (grantTypeInfo.token = token ?? "")
+      }
+
+      editingProperties.value = unsavedCollectionProperties
+    }
+
+    persistenceService.removeLocalConfig("oauth_temp_config")
+    collectionPropertiesModalActiveTab.value = "authorization"
+    showModalEditProperties.value = true
+  }
+})
+
 const filteredCollections = computed(() => {
   const collectionsClone = clone(collections.value)
 
diff --git a/packages/hoppscotch-common/src/components/collections/index.vue b/packages/hoppscotch-common/src/components/collections/index.vue
index 9a53a6954..ace0f83d8 100644
--- a/packages/hoppscotch-common/src/components/collections/index.vue
+++ b/packages/hoppscotch-common/src/components/collections/index.vue
@@ -161,8 +161,10 @@
       @hide-modal="displayTeamModalAdd(false)"
     />
     <CollectionsProperties
+      v-model="collectionPropertiesModalActiveTab"
       :show="showModalEditProperties"
       :editing-properties="editingProperties"
+      source="REST"
       @hide-modal="displayModalEditProperties(false)"
       @set-collection-properties="setCollectionProperties"
     />
@@ -170,7 +172,7 @@
 </template>
 
 <script setup lang="ts">
-import { computed, nextTick, PropType, ref, watch } from "vue"
+import { computed, nextTick, onMounted, PropType, ref, watch } from "vue"
 import { useToast } from "@composables/toast"
 import { useI18n } from "@composables/i18n"
 import { Picked } from "~/helpers/types/HoppPicked"
@@ -248,6 +250,10 @@ import { useService } from "dioc/vue"
 import { RESTTabService } from "~/services/tab/rest"
 import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
 import { TeamSearchService } from "~/helpers/teams/TeamsSearch.service"
+import { PersistenceService } from "~/services/persistence"
+import { PersistedOAuthConfig } from "~/services/oauth/oauth.service"
+import { RESTOptionTabs } from "../http/RequestOptions.vue"
+import { EditingProperties } from "./Properties.vue"
 
 const t = useI18n()
 const toast = useToast()
@@ -299,12 +305,7 @@ const editingRequestName = ref("")
 const editingRequestIndex = ref<number | null>(null)
 const editingRequestID = ref<string | null>(null)
 
-const editingProperties = ref<{
-  collection: Partial<HoppCollection> | null
-  isRootCollection: boolean
-  path: string
-  inheritedProperties?: HoppInheritedProperty
-}>({
+const editingProperties = ref<EditingProperties>({
   collection: null,
   isRootCollection: false,
   path: "",
@@ -387,6 +388,55 @@ watch(
     immediate: true,
   }
 )
+const persistenceService = useService(PersistenceService)
+
+const collectionPropertiesModalActiveTab = ref<RESTOptionTabs>("headers")
+
+onMounted(() => {
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  if (!localOAuthTempConfig) {
+    return
+  }
+
+  const { context, source, token }: PersistedOAuthConfig =
+    JSON.parse(localOAuthTempConfig)
+
+  if (source === "GraphQL") {
+    return
+  }
+
+  if (context?.type === "collection-properties") {
+    // load the unsaved editing properties
+    const unsavedCollectionPropertiesString = persistenceService.getLocalConfig(
+      "unsaved_collection_properties"
+    )
+
+    if (unsavedCollectionPropertiesString) {
+      const unsavedCollectionProperties: EditingProperties<"REST"> = JSON.parse(
+        unsavedCollectionPropertiesString
+      )
+
+      // casting because the type `EditingProperties["collection"]["auth"] and the usage in Properties.vue is different. there it's casted as an any.
+      // FUTURE-TODO: look into this
+      // @ts-expect-error because of the above reason
+      const auth = unsavedCollectionProperties.collection?.auth as HoppRESTAuth
+
+      if (auth?.authType === "oauth-2") {
+        const grantTypeInfo = auth.grantTypeInfo
+
+        grantTypeInfo && (grantTypeInfo.token = token ?? "")
+      }
+
+      editingProperties.value = unsavedCollectionProperties
+    }
+
+    persistenceService.removeLocalConfig("oauth_temp_config")
+    collectionPropertiesModalActiveTab.value = "authorization"
+    showModalEditProperties.value = true
+  }
+})
 
 watch(
   () => myTeams.value,
diff --git a/packages/hoppscotch-common/src/components/graphql/Authorization.vue b/packages/hoppscotch-common/src/components/graphql/Authorization.vue
index d1b6505de..b98cffc85 100644
--- a/packages/hoppscotch-common/src/components/graphql/Authorization.vue
+++ b/packages/hoppscotch-common/src/components/graphql/Authorization.vue
@@ -82,7 +82,7 @@
                 :active="authName === 'OAuth 2.0'"
                 @click="
                   () => {
-                    auth.authType = 'oauth-2'
+                    selectOAuth2AuthType()
                     hide()
                   }
                 "
@@ -189,12 +189,12 @@
         <div v-if="auth.authType === 'oauth-2'">
           <div class="flex flex-1 border-b border-dividerLight">
             <SmartEnvInput
-              v-model="auth.token"
+              v-model="auth.grantTypeInfo.token"
               :environment-highlights="false"
               placeholder="Token"
             />
           </div>
-          <HttpOAuth2Authorization v-model="auth" />
+          <HttpOAuth2Authorization v-model="auth" source="GraphQL" />
         </div>
         <div v-if="auth.authType === 'api-key'">
           <HttpAuthorizationApiKey v-model="auth" />
@@ -220,19 +220,22 @@
 </template>
 
 <script setup lang="ts">
+import { useI18n } from "@composables/i18n"
+import { pluckRef } from "@composables/ref"
+import { useColorMode } from "@composables/theming"
+import { HoppGQLAuth, HoppGQLAuthOAuth2 } from "@hoppscotch/data"
+import { useVModel } from "@vueuse/core"
+import { computed, onMounted, ref } from "vue"
+
+import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
+
+import IconCircle from "~icons/lucide/circle"
+import IconCircleDot from "~icons/lucide/circle-dot"
+import IconExternalLink from "~icons/lucide/external-link"
 import IconHelpCircle from "~icons/lucide/help-circle"
 import IconTrash2 from "~icons/lucide/trash-2"
-import IconExternalLink from "~icons/lucide/external-link"
-import IconCircleDot from "~icons/lucide/circle-dot"
-import IconCircle from "~icons/lucide/circle"
-import { computed, ref } from "vue"
-import { HoppGQLAuth } from "@hoppscotch/data"
-import { pluckRef } from "@composables/ref"
-import { useI18n } from "@composables/i18n"
-import { useColorMode } from "@composables/theming"
-import { useVModel } from "@vueuse/core"
-import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
-import { onMounted } from "vue"
+
+import { getDefaultAuthCodeOauthFlowParams } from "~/services/oauth/flows/authCode"
 
 const t = useI18n()
 
@@ -280,6 +283,30 @@ const getAuthName = (type: HoppGQLAuth["authType"] | undefined) => {
   return AUTH_KEY_NAME[type] ? AUTH_KEY_NAME[type] : "None"
 }
 
+const selectOAuth2AuthType = () => {
+  const defaultGrantTypeInfo: HoppGQLAuthOAuth2["grantTypeInfo"] = {
+    ...getDefaultAuthCodeOauthFlowParams(),
+    grantType: "AUTHORIZATION_CODE",
+    token: "",
+  }
+
+  // @ts-expect-error - the existing grantTypeInfo might be in the auth object, typescript doesnt know that
+  const existingGrantTypeInfo = auth.value.grantTypeInfo as
+    | HoppGQLAuthOAuth2["grantTypeInfo"]
+    | undefined
+
+  const grantTypeInfo = existingGrantTypeInfo
+    ? existingGrantTypeInfo
+    : defaultGrantTypeInfo
+
+  auth.value = <HoppGQLAuth>{
+    ...auth.value,
+    authType: "oauth-2",
+    addTo: "HEADERS",
+    grantTypeInfo: grantTypeInfo,
+  }
+}
+
 const authActive = pluckRef(auth, "authActive")
 
 const clearContent = () => {
diff --git a/packages/hoppscotch-common/src/components/graphql/Headers.vue b/packages/hoppscotch-common/src/components/graphql/Headers.vue
index 4c3e9e25b..e87d6ee57 100644
--- a/packages/hoppscotch-common/src/components/graphql/Headers.vue
+++ b/packages/hoppscotch-common/src/components/graphql/Headers.vue
@@ -579,12 +579,18 @@ const getComputedAuthHeaders = (
     })
   } else if (
     request.auth.authType === "bearer" ||
-    request.auth.authType === "oauth-2"
+    (request.auth.authType === "oauth-2" && request.auth.addTo === "HEADERS")
   ) {
+    const requestAuth = request.auth
+
+    const isOAuth2 = requestAuth.authType === "oauth-2"
+
+    const token = isOAuth2 ? requestAuth.grantTypeInfo.token : requestAuth.token
+
     headers.push({
       active: true,
       key: "Authorization",
-      value: `Bearer ${request.auth.token}`,
+      value: `Bearer ${token}`,
     })
   } else if (request.auth.authType === "api-key") {
     const { key, addTo } = request.auth
diff --git a/packages/hoppscotch-common/src/components/http/Authorization.vue b/packages/hoppscotch-common/src/components/http/Authorization.vue
index 4108d3a14..bdd426e4f 100644
--- a/packages/hoppscotch-common/src/components/http/Authorization.vue
+++ b/packages/hoppscotch-common/src/components/http/Authorization.vue
@@ -82,7 +82,7 @@
                 :active="authName === 'OAuth 2.0'"
                 @click="
                   () => {
-                    auth.authType = 'oauth-2'
+                    selectOAuth2AuthType()
                     hide()
                   }
                 "
@@ -177,15 +177,24 @@
             />
           </div>
         </div>
-        <div v-if="auth.authType === 'oauth-2'">
+        <div v-if="auth.authType === 'oauth-2'" class="w-full">
           <div class="flex flex-1 border-b border-dividerLight">
+            <!-- Ensure a new object is assigned here to avoid reactivity issues -->
             <SmartEnvInput
-              v-model="auth.token"
+              :model-value="auth.grantTypeInfo.token"
               placeholder="Token"
               :envs="envs"
+              @update:model-value="
+                auth.grantTypeInfo = { ...auth.grantTypeInfo, token: $event }
+              "
             />
           </div>
-          <HttpOAuth2Authorization v-model="auth" :envs="envs" />
+          <HttpOAuth2Authorization
+            v-model="auth"
+            :is-collection-property="isCollectionProperty"
+            :envs="envs"
+            :source="source"
+          />
         </div>
         <div v-if="auth.authType === 'api-key'">
           <HttpAuthorizationApiKey v-model="auth" :envs="envs" />
@@ -217,7 +226,7 @@ import IconExternalLink from "~icons/lucide/external-link"
 import IconCircleDot from "~icons/lucide/circle-dot"
 import IconCircle from "~icons/lucide/circle"
 import { computed, ref } from "vue"
-import { HoppRESTAuth } from "@hoppscotch/data"
+import { HoppRESTAuth, HoppRESTAuthOAuth2 } from "@hoppscotch/data"
 import { pluckRef } from "@composables/ref"
 import { useI18n } from "@composables/i18n"
 import { useColorMode } from "@composables/theming"
@@ -226,17 +235,27 @@ import { onMounted } from "vue"
 import { HoppInheritedProperty } from "~/helpers/types/HoppInheritedProperties"
 import { AggregateEnvironment } from "~/newstore/environments"
 
+import { getDefaultAuthCodeOauthFlowParams } from "~/services/oauth/flows/authCode"
+
 const t = useI18n()
 
 const colorMode = useColorMode()
 
-const props = defineProps<{
-  modelValue: HoppRESTAuth
-  isCollectionProperty?: boolean
-  isRootCollection?: boolean
-  inheritedProperties?: HoppInheritedProperty
-  envs?: AggregateEnvironment[]
-}>()
+const props = withDefaults(
+  defineProps<{
+    modelValue: HoppRESTAuth
+    isCollectionProperty?: boolean
+    isRootCollection?: boolean
+    inheritedProperties?: HoppInheritedProperty
+    envs?: AggregateEnvironment[]
+    source?: "REST" | "GraphQL"
+  }>(),
+  {
+    source: "REST",
+    envs: undefined,
+    inheritedProperties: undefined,
+  }
+)
 
 const emit = defineEmits<{
   (e: "update:modelValue", value: HoppRESTAuth): void
@@ -272,6 +291,30 @@ const getAuthName = (type: HoppRESTAuth["authType"] | undefined) => {
   return AUTH_KEY_NAME[type] ? AUTH_KEY_NAME[type] : "None"
 }
 
+const selectOAuth2AuthType = () => {
+  const defaultGrantTypeInfo: HoppRESTAuthOAuth2["grantTypeInfo"] = {
+    ...getDefaultAuthCodeOauthFlowParams(),
+    grantType: "AUTHORIZATION_CODE",
+    token: "",
+  }
+
+  // @ts-expect-error - the existing grantTypeInfo might be in the auth object, typescript doesnt know that
+  const existingGrantTypeInfo = auth.value.grantTypeInfo as
+    | HoppRESTAuthOAuth2["grantTypeInfo"]
+    | undefined
+
+  const grantTypeInfo = existingGrantTypeInfo
+    ? existingGrantTypeInfo
+    : defaultGrantTypeInfo
+
+  auth.value = <HoppRESTAuth>{
+    ...auth.value,
+    authType: "oauth-2",
+    addTo: "HEADERS",
+    grantTypeInfo: grantTypeInfo,
+  }
+}
+
 const authActive = pluckRef(auth, "authActive")
 
 const clearContent = () => {
diff --git a/packages/hoppscotch-common/src/components/http/OAuth2Authorization.vue b/packages/hoppscotch-common/src/components/http/OAuth2Authorization.vue
index a6dbc0a51..614a1a954 100644
--- a/packages/hoppscotch-common/src/components/http/OAuth2Authorization.vue
+++ b/packages/hoppscotch-common/src/components/http/OAuth2Authorization.vue
@@ -1,158 +1,992 @@
 <template>
+  <div class="flex items-center px-4 border-b border-dividerLight">
+    <label class="truncate font-semibold text-secondaryLight">
+      {{ t("authorization.oauth.grant_type") }}
+    </label>
+
+    <tippy
+      placement="bottom"
+      interactive
+      trigger="click"
+      theme="popover"
+      :on-shown="() => grantTypeTippyActions?.focus()"
+      class="!flex-initial"
+    >
+      <HoppSmartSelectWrapper>
+        <HoppButtonSecondary
+          class="ml-2 rounded-none pr-8"
+          :label="selectedGrantType?.label"
+        />
+      </HoppSmartSelectWrapper>
+      <template #content="{ hide }">
+        <div
+          ref="grantTypeTippyActions"
+          class="flex flex-col focus:outline-none"
+          tabindex="0"
+          @keyup.escape="hide()"
+        >
+          <HoppSmartItem
+            v-for="grantType in supportedGrantTypes"
+            :key="grantType.id"
+            :label="grantType.label"
+            :icon="
+              selectedGrantTypeID === grantType.id ? IconCircleDot : IconCircle
+            "
+            :active="selectedGrantTypeID === grantType.id"
+            @click="
+              () => {
+                changeSelectedGrantType(grantType.id)
+
+                hide()
+              }
+            "
+          />
+        </div>
+      </template>
+    </tippy>
+  </div>
+
   <div class="flex flex-col">
-    <div class="flex flex-1 border-b border-dividerLight">
+    <div
+      v-for="element in currentOAuthGrantTypeFormElements"
+      :key="element.id"
+      class="flex flex-1 border-b border-dividerLight"
+    >
       <SmartEnvInput
-        v-model="oidcDiscoveryURL"
-        :styles="
-          hasAccessTokenOrAuthURL ? 'pointer-events-none opacity-70' : ''
-        "
-        :auto-complete-env="true"
-        placeholder="OpenID Connect Discovery URL"
+        v-if="element.type === 'text'"
+        v-model="element.ref.value"
+        :placeholder="element.label"
         :envs="envs"
-      />
-    </div>
-    <div class="flex flex-1 border-b border-dividerLight">
-      <SmartEnvInput
-        v-model="authURL"
-        placeholder="Authorization URL"
         :auto-complete-env="true"
-        :styles="hasOIDCURL ? 'pointer-events-none opacity-70' : ''"
-        :envs="envs"
       />
+      <div
+        v-else-if="element.type === 'checkbox'"
+        class="px-4 py-2 flex items-center"
+      >
+        <span class="text-secondaryLight font-semibold mr-6">{{
+          element.label
+        }}</span>
+        <HoppSmartCheckbox
+          class="text-secondaryLight flex"
+          :on="element.ref.value"
+          @change="element.ref.value = !element.ref.value"
+        ></HoppSmartCheckbox>
+      </div>
+      <div
+        v-else-if="element.type === 'dropdown'"
+        class="flex items-center px-4"
+      >
+        <label class="truncate text-secondaryLight">
+          {{ element.label }}
+        </label>
+        <tippy
+          v-if="element.ref.value"
+          interactive
+          trigger="click"
+          theme="popover"
+          class="!flex-initial"
+        >
+          <HoppSmartSelectWrapper>
+            <HoppButtonSecondary
+              class="ml-2 rounded-none pr-8"
+              :label="element.ref.value.label"
+            />
+          </HoppSmartSelectWrapper>
+          <template #content="{ hide }">
+            <div
+              :ref="element.tippyRefName"
+              class="flex flex-col focus:outline-none"
+              tabindex="0"
+              @keyup.escape="hide()"
+            >
+              <HoppSmartItem
+                v-for="item in element.options"
+                :key="item.id"
+                :label="item.label"
+                :icon="
+                  element.ref.value.id === item.id ? IconCircleDot : IconCircle
+                "
+                :active="element.ref.value.id === item.id"
+                @click="
+                  () => {
+                    element.ref.value = item
+                    hide()
+                  }
+                "
+              ></HoppSmartItem>
+            </div>
+          </template>
+        </tippy>
+      </div>
     </div>
-    <div class="flex flex-1 border-b border-dividerLight">
-      <SmartEnvInput
-        v-model="accessTokenURL"
-        placeholder="Access Token URL"
-        :auto-complete-env="true"
-        :styles="hasOIDCURL ? 'pointer-events-none opacity-70' : ''"
-        :envs="envs"
-      />
-    </div>
-    <div class="flex flex-1 border-b border-dividerLight">
-      <SmartEnvInput
-        v-model="clientID"
-        :auto-complete-env="true"
-        placeholder="Client ID"
-        :envs="envs"
-      />
-    </div>
-    <div class="flex flex-1 border-b border-dividerLight">
-      <SmartEnvInput
-        v-model="clientSecret"
-        :auto-complete-env="true"
-        placeholder="Client Secret"
-        :envs="envs"
-      />
-    </div>
-    <div class="flex flex-1 border-b border-dividerLight">
-      <SmartEnvInput
-        v-model="scope"
-        :auto-complete-env="true"
-        placeholder="Scope"
-        :envs="envs"
-      />
+
+    <div class="flex items-center border-b border-dividerLight">
+      <span class="flex items-center">
+        <label class="ml-4 text-secondaryLight">
+          {{ t("authorization.pass_key_by") }}
+        </label>
+        <tippy
+          interactive
+          trigger="click"
+          theme="popover"
+          :on-shown="() => authTippyActions?.focus()"
+        >
+          <HoppSmartSelectWrapper>
+            <HoppButtonSecondary
+              :label="passBy"
+              class="ml-2 rounded-none pr-8"
+            />
+          </HoppSmartSelectWrapper>
+          <template #content="{ hide }">
+            <div
+              ref="authTippyActions"
+              class="flex flex-col focus:outline-none"
+              tabindex="0"
+              @keyup.escape="hide()"
+            >
+              <HoppSmartItem
+                v-for="addToTarget in addToTargets"
+                :key="addToTarget.id"
+                :label="addToTarget.label"
+                :icon="
+                  auth.addTo === addToTarget.id ? IconCircleDot : IconCircle
+                "
+                :active="auth.addTo === addToTarget.id"
+                @click="
+                  () => {
+                    auth.addTo = addToTarget.id
+                    hide()
+                  }
+                "
+              />
+            </div>
+          </template>
+        </tippy>
+      </span>
     </div>
+
     <div class="p-2">
       <HoppButtonSecondary
         filled
         :label="`${t('authorization.generate_token')}`"
-        @click="handleAccessTokenRequest()"
+        @click="generateOAuthToken()"
       />
     </div>
   </div>
 </template>
 
 <script setup lang="ts">
-import { ref, watch } from "vue"
 import {
   HoppGQLAuthOAuth2,
   HoppRESTAuthOAuth2,
-  parseTemplateString,
+  parseTemplateStringE,
 } from "@hoppscotch/data"
-import { pluckRef } from "@composables/ref"
-import { useI18n } from "@composables/i18n"
-import { useToast } from "@composables/toast"
-import { tokenRequest } from "~/helpers/oauth"
-import { getCombinedEnvVariables } from "~/helpers/preRequest"
+import { useService } from "dioc/vue"
 import * as E from "fp-ts/Either"
-import { computed } from "vue"
+import { Ref, computed, ref } from "vue"
+import { z } from "zod"
+import { useI18n } from "~/composables/i18n"
+import { refWithCallbackOnChange } from "~/composables/ref"
+import { useToast } from "~/composables/toast"
+import { getCombinedEnvVariables } from "~/helpers/preRequest"
+import { AggregateEnvironment } from "~/newstore/environments"
+import authCode, {
+  AuthCodeOauthFlowParams,
+  getDefaultAuthCodeOauthFlowParams,
+} from "~/services/oauth/flows/authCode"
+import clientCredentials, {
+  ClientCredentialsFlowParams,
+  getDefaultClientCredentialsFlowParams,
+} from "~/services/oauth/flows/clientCredentials"
+import implicit, {
+  ImplicitOauthFlowParams,
+  getDefaultImplicitOauthFlowParams,
+} from "~/services/oauth/flows/implicit"
+import passwordFlow, {
+  PasswordFlowParams,
+  getDefaultPasswordFlowParams,
+} from "~/services/oauth/flows/password"
+import {
+  PersistedOAuthConfig,
+  grantTypesInvolvingRedirect,
+} from "~/services/oauth/oauth.service"
+import { PersistenceService } from "~/services/persistence"
+import { GQLTabService } from "~/services/tab/graphql"
+import { RESTTabService } from "~/services/tab/rest"
+import IconCircle from "~icons/lucide/circle"
+import IconCircleDot from "~icons/lucide/circle-dot"
 
 const t = useI18n()
 const toast = useToast()
 
+const gqlTabsService = useService(GQLTabService)
+const persistenceService = useService(PersistenceService)
+const restTabsService = useService(RESTTabService)
+
 const props = defineProps<{
   modelValue: HoppRESTAuthOAuth2 | HoppGQLAuthOAuth2
+  isCollectionProperty?: boolean
   envs?: AggregateEnvironment[]
-}>()
-
-const emit = defineEmits<{
-  (e: "update:modelValue", value: HoppRESTAuthOAuth2): void
+  source: "REST" | "GraphQL"
 }>()
 
 const auth = ref(props.modelValue)
 
-watch(
-  () => auth.value,
-  (val) => {
-    emit("update:modelValue", val)
-  }
-)
+const addToTargets = [
+  {
+    id: "HEADERS" as const,
+    label: "Headers",
+  },
+  {
+    id: "QUERY_PARAMS" as const,
+    label: "Query Params",
+  },
+]
 
-const oidcDiscoveryURL = pluckRef(auth, "oidcDiscoveryURL")
-const hasOIDCURL = computed(() => {
-  return oidcDiscoveryURL.value
+const passBy = computed(() => {
+  return (
+    addToTargets.find((target) => target.id === auth.value.addTo)?.label ||
+    t("state.none")
+  )
 })
 
-const authURL = pluckRef(auth, "authURL")
+const supportedGrantTypes = [
+  {
+    // used for both authCode and authCodePKCE
+    id: "authCode" as const,
+    label: t("authorization.oauth.label_auth_code"),
+    formElements: computed(() => {
+      if (!(auth.value.grantTypeInfo.grantType === "AUTHORIZATION_CODE")) {
+        return
+      }
 
-const accessTokenURL = pluckRef(auth, "accessTokenURL")
-const hasAccessTokenOrAuthURL = computed(() => {
-  return accessTokenURL.value || authURL.value
+      const grantType = auth.value.grantTypeInfo
+
+      const authEndpoint = refWithCallbackOnChange(
+        grantType?.authEndpoint,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            authEndpoint: value,
+          }
+        }
+      )
+
+      const tokenEndpoint = refWithCallbackOnChange(
+        grantType?.tokenEndpoint,
+        (value) => {
+          if (!("tokenEndpoint" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            tokenEndpoint: value,
+          }
+        }
+      )
+
+      const clientID = refWithCallbackOnChange(grantType?.clientID, (value) => {
+        auth.value.grantTypeInfo = {
+          ...auth.value.grantTypeInfo,
+          clientID: value,
+        }
+      })
+
+      const clientSecret = refWithCallbackOnChange(
+        grantType?.clientSecret,
+        (value) => {
+          if (!("clientSecret" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientSecret: value,
+          }
+        }
+      )
+
+      const scopes = refWithCallbackOnChange(
+        grantType?.scopes ? grantType.scopes : undefined,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            scopes: value,
+          }
+        }
+      )
+
+      const isPKCE = refWithCallbackOnChange(
+        auth.value.grantTypeInfo.isPKCE,
+        (value) => {
+          if (!("isPKCE" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            isPKCE: value,
+          }
+        }
+      )
+
+      const codeChallenge: Ref<{
+        id: "plain" | "S256"
+        label: string
+      } | null> = refWithCallbackOnChange(
+        auth.value.grantTypeInfo.codeVerifierMethod
+          ? {
+              id: auth.value.grantTypeInfo.codeVerifierMethod,
+              label:
+                auth.value.grantTypeInfo.codeVerifierMethod === "plain"
+                  ? "Plain"
+                  : "SHA-256",
+            }
+          : null,
+        (value) => {
+          if (!("codeVerifierMethod" in auth.value.grantTypeInfo) || !value) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            codeVerifierMethod: value.id,
+          }
+        }
+      )
+
+      const runAction = () => {
+        const params: AuthCodeOauthFlowParams = {
+          authEndpoint: authEndpoint.value,
+          tokenEndpoint: tokenEndpoint.value,
+          clientID: clientID.value,
+          clientSecret: clientSecret.value,
+          scopes: scopes.value,
+          isPKCE: isPKCE.value,
+          codeVerifierMethod: codeChallenge.value?.id,
+        }
+
+        const unwrappedParams = replaceTemplateStringsInObjectValues(params)
+
+        const parsedArgs = authCode.params.safeParse(unwrappedParams)
+
+        if (!parsedArgs.success) {
+          return E.left("VALIDATION_FAILED" as const)
+        }
+
+        authCode.init(parsedArgs.data)
+
+        return E.right(undefined)
+      }
+
+      const pkceElements = computed(() => {
+        const checkbox = {
+          id: "isPKCE",
+          label: t("authorization.oauth.label_use_pkce"),
+          type: "checkbox" as const,
+          ref: isPKCE,
+          onChange: (e: Event) => {
+            const target = e.target as HTMLInputElement
+
+            isPKCE.value = target.checked
+          },
+        }
+
+        return isPKCE.value
+          ? [
+              checkbox,
+              {
+                id: "codeChallenge",
+                label: t("authorization.oauth.label_code_challenge"),
+                type: "dropdown" as const,
+                ref: codeChallenge,
+                tippyRefName: "pkceTippyActions",
+                tippyRef: pkceTippyActions,
+                options: [
+                  {
+                    id: "plain" as const,
+                    label: "Plain",
+                  },
+                  {
+                    id: "S256" as const,
+                    label: "SHA-256",
+                  },
+                ],
+              },
+            ]
+          : [checkbox]
+      })
+
+      const elements = computed(() => {
+        return [
+          ...pkceElements.value,
+          {
+            id: "authEndpoint",
+            label: t("authorization.oauth.label_authorization_endpoint"),
+            type: "text" as const,
+            ref: authEndpoint,
+          },
+          {
+            id: "tokenEndpoint",
+            label: t("authorization.oauth.label_token_endpoint"),
+            type: "text" as const,
+            ref: tokenEndpoint,
+          },
+          {
+            id: "clientId",
+            label: t("authorization.oauth.label_client_id"),
+            type: "text" as const,
+            ref: clientID,
+          },
+          {
+            id: "clientSecret",
+            label: t("authorization.oauth.label_client_secret"),
+            type: "text" as const,
+            ref: clientSecret,
+          },
+          {
+            id: "scopes",
+            label: t("authorization.oauth.label_scopes"),
+            type: "text" as const,
+            ref: scopes,
+          },
+        ]
+      })
+
+      return {
+        runAction,
+        elements,
+      }
+    }),
+  },
+  {
+    id: "clientCredentials" as const,
+    label: t("authorization.oauth.label_client_credentials"),
+    formElements: computed(() => {
+      if (!(auth.value.grantTypeInfo.grantType === "CLIENT_CREDENTIALS")) {
+        return
+      }
+
+      const grantTypeInfo = auth.value.grantTypeInfo
+
+      const authEndpoint = refWithCallbackOnChange(
+        grantTypeInfo?.authEndpoint,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            authEndpoint: value,
+          }
+        }
+      )
+
+      const clientID = refWithCallbackOnChange(
+        grantTypeInfo?.clientID,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientID: value,
+          }
+        }
+      )
+
+      const clientSecret = refWithCallbackOnChange(
+        grantTypeInfo?.clientSecret,
+        (value) => {
+          if (!("clientSecret" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientSecret: value,
+          }
+        }
+      )
+
+      const scopes = refWithCallbackOnChange(
+        grantTypeInfo?.scopes ? grantTypeInfo.scopes : undefined,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            scopes: value,
+          }
+        }
+      )
+
+      const runAction = async () => {
+        const values: ClientCredentialsFlowParams =
+          replaceTemplateStringsInObjectValues({
+            authEndpoint: authEndpoint.value,
+            clientID: clientID.value,
+            clientSecret: clientSecret.value,
+            scopes: scopes.value,
+          })
+
+        const parsedArgs = clientCredentials.params.safeParse(values)
+
+        if (!parsedArgs.success) {
+          return E.left("VALIDATION_FAILED" as const)
+        }
+
+        const res = await clientCredentials.init(parsedArgs.data)
+
+        if (E.isLeft(res)) {
+          return E.left("OAUTH_TOKEN_FETCH_FAILED" as const)
+        }
+
+        setAccessTokenInActiveContext(res.right?.access_token)
+
+        toast.success(t("authorization.oauth.token_fetched_successfully"))
+
+        return E.right(undefined)
+      }
+
+      const elements = computed(() => {
+        return [
+          {
+            id: "authEndpoint",
+            label: "Authorization Endpoint",
+            type: "text" as const,
+            ref: authEndpoint,
+          },
+          {
+            id: "clientId",
+            label: "Client ID",
+            type: "text" as const,
+            ref: clientID,
+          },
+          {
+            id: "clientSecret",
+            label: "Client Secret",
+            type: "text" as const,
+            ref: clientSecret,
+          },
+          {
+            id: "scopes",
+            label: "Scopes",
+            type: "text" as const,
+            ref: scopes,
+          },
+        ]
+      })
+
+      return {
+        runAction,
+        elements,
+      }
+    }),
+  },
+  {
+    id: "password" as const,
+    label: "Password",
+    formElements: computed(() => {
+      if (!(auth.value.grantTypeInfo.grantType === "PASSWORD")) {
+        return
+      }
+
+      const grantTypeInfo = auth.value.grantTypeInfo
+
+      const authEndpoint = refWithCallbackOnChange(
+        grantTypeInfo?.authEndpoint,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            authEndpoint: value,
+          }
+        }
+      )
+
+      const clientID = refWithCallbackOnChange(
+        grantTypeInfo?.clientID,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientID: value,
+          }
+        }
+      )
+
+      const clientSecret = refWithCallbackOnChange(
+        grantTypeInfo?.clientSecret,
+        (value) => {
+          if (!("clientSecret" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientSecret: value,
+          }
+        }
+      )
+
+      const scopes = refWithCallbackOnChange(
+        grantTypeInfo?.scopes ? grantTypeInfo.scopes : undefined,
+        (value) => {
+          auth.value.grantTypeInfo.scopes = value
+        }
+      )
+
+      const username = refWithCallbackOnChange(
+        grantTypeInfo?.username,
+        (value) => {
+          if (!("username" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            username: value,
+          }
+        }
+      )
+
+      const password = refWithCallbackOnChange(
+        grantTypeInfo?.password,
+        (value) => {
+          if (!("password" in auth.value.grantTypeInfo)) {
+            return
+          }
+
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            password: value,
+          }
+        }
+      )
+
+      const runAction = async () => {
+        const values: PasswordFlowParams = replaceTemplateStringsInObjectValues(
+          {
+            authEndpoint: authEndpoint.value,
+            clientID: clientID.value,
+            clientSecret: clientSecret.value,
+            scopes: scopes.value,
+            username: username.value,
+            password: password.value,
+          }
+        )
+
+        const parsedArgs = passwordFlow.params.safeParse(values)
+
+        if (!parsedArgs.success) {
+          return E.left("VALIDATION_FAILED" as const)
+        }
+
+        const res = await passwordFlow.init(parsedArgs.data)
+
+        if (E.isLeft(res)) {
+          return E.left("OAUTH_TOKEN_FETCH_FAILED" as const)
+        }
+
+        setAccessTokenInActiveContext(res.right?.access_token)
+
+        toast.success(t("authorization.oauth.token_fetched_successfully"))
+
+        return E.right(undefined)
+      }
+
+      const elements = computed(() => {
+        return [
+          {
+            id: "authEndpoint",
+            label: t("authorization.oauth.label_authorization_endpoint"),
+            type: "text" as const,
+            ref: authEndpoint,
+          },
+          {
+            id: "clientId",
+            label: t("authorization.oauth.label_client_id"),
+            type: "text" as const,
+            ref: clientID,
+          },
+          {
+            id: "clientSecret",
+            label: t("authorization.oauth.label_client_secret"),
+            type: "text" as const,
+            ref: clientSecret,
+          },
+          {
+            id: "username",
+            label: t("authorization.oauth.label_username"),
+            type: "text" as const,
+            ref: username,
+          },
+          {
+            id: "password",
+            label: t("authorization.oauth.label_password"),
+            type: "text" as const,
+            ref: password,
+          },
+          {
+            id: "scopes",
+            label: t("authorization.oauth.label_scopes"),
+            type: "text" as const,
+            ref: scopes,
+          },
+        ]
+      })
+
+      return {
+        runAction,
+        elements,
+      }
+    }),
+  },
+  {
+    id: "implicit" as const,
+    label: t("authorization.oauth.label_implicit"),
+    formElements: computed(() => {
+      const grantTypeInfo = auth.value.grantTypeInfo
+
+      const authEndpoint = refWithCallbackOnChange(
+        grantTypeInfo?.authEndpoint,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            authEndpoint: value,
+          }
+        }
+      )
+
+      const clientID = refWithCallbackOnChange(
+        grantTypeInfo?.clientID,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            clientID: value,
+          }
+        }
+      )
+
+      const scopes = refWithCallbackOnChange(
+        grantTypeInfo?.scopes ? grantTypeInfo.scopes : undefined,
+        (value) => {
+          auth.value.grantTypeInfo = {
+            ...auth.value.grantTypeInfo,
+            scopes: value,
+          }
+        }
+      )
+
+      const runAction = () => {
+        const values: ImplicitOauthFlowParams =
+          replaceTemplateStringsInObjectValues({
+            authEndpoint: authEndpoint.value,
+            clientID: clientID.value,
+            scopes: scopes.value,
+          })
+
+        const unwrappedValues = replaceTemplateStringsInObjectValues(values)
+
+        const parsedArgs = implicit.params.safeParse(unwrappedValues)
+
+        if (!parsedArgs.success) {
+          return E.left("VALIDATION_FAILED" as const)
+        }
+
+        implicit.init(parsedArgs.data)
+
+        return E.right(undefined)
+      }
+
+      const elements = computed(() => {
+        return [
+          {
+            id: "authEndpoint",
+            label: t("authorization.oauth.label_authorization_endpoint"),
+            type: "text" as const,
+            ref: authEndpoint,
+          },
+          {
+            id: "clientId",
+            label: t("authorization.oauth.label_client_id"),
+            type: "text" as const,
+            ref: clientID,
+          },
+          {
+            id: "scopes",
+            label: t("authorization.oauth.label_scopes"),
+            type: "text" as const,
+            ref: scopes,
+          },
+        ]
+      })
+
+      return {
+        runAction,
+        elements,
+      }
+    }),
+  },
+]
+
+type GrantTypes = z.infer<
+  typeof HoppRESTAuthOAuth2
+>["grantTypeInfo"]["grantType"]
+
+const grantTypeMap: Record<
+  GrantTypes,
+  (typeof supportedGrantTypes)[number]["id"]
+> = {
+  AUTHORIZATION_CODE: "authCode",
+  CLIENT_CREDENTIALS: "clientCredentials",
+  IMPLICIT: "implicit",
+  PASSWORD: "password",
+} as const
+
+const grantTypeDefaultPayload = {
+  AUTHORIZATION_CODE: getDefaultAuthCodeOauthFlowParams,
+  CLIENT_CREDENTIALS: getDefaultClientCredentialsFlowParams,
+  IMPLICIT: getDefaultImplicitOauthFlowParams,
+  PASSWORD: getDefaultPasswordFlowParams,
+} as const
+
+const selectedGrantTypeID = computed(() => {
+  const currentGrantType = auth.value.grantTypeInfo.grantType
+  return grantTypeMap[currentGrantType]
 })
 
-const clientID = pluckRef(auth, "clientID")
+const selectedGrantType = computed(() => {
+  return supportedGrantTypes.find(
+    (grantType) => grantType.id === selectedGrantTypeID.value
+  )
+})
 
-// TODO: Fix this type error. currently there is no type for clientSecret
-const clientSecret = pluckRef(auth, "clientSecret" as any)
+const setAccessTokenInActiveContext = (accessToken?: string) => {
+  if (props.isCollectionProperty && accessToken) {
+    auth.value.grantTypeInfo = {
+      ...auth.value.grantTypeInfo,
+      token: accessToken,
+    }
 
-const scope = pluckRef(auth, "scope")
-
-function translateTokenRequestError(error: string) {
-  switch (error) {
-    case "OIDC_DISCOVERY_FAILED":
-      return t("authorization.oauth.token_generation_oidc_discovery_failed")
-    default:
-      return t("authorization.oauth.something_went_wrong_on_token_generation")
-  }
-}
-
-const handleAccessTokenRequest = async () => {
-  if (!oidcDiscoveryURL.value && !(authURL.value || accessTokenURL.value)) {
-    toast.error(`${t("error.incomplete_config_urls")}`)
     return
   }
 
-  const envs = getCombinedEnvVariables()
-  const envVars = [...envs.selected, ...envs.global]
+  const tabService = props.source === "REST" ? restTabsService : gqlTabsService
 
-  try {
-    const tokenReqParams = {
-      grantType: "code",
-      oidcDiscoveryUrl: parseTemplateString(oidcDiscoveryURL.value, envVars),
-      authUrl: parseTemplateString(authURL.value, envVars),
-      accessTokenUrl: parseTemplateString(accessTokenURL.value, envVars),
-      clientId: parseTemplateString(clientID.value, envVars),
-      clientSecret: parseTemplateString(clientSecret.value, envVars),
-      scope: parseTemplateString(scope.value, envVars),
-    }
-    const res = await tokenRequest(tokenReqParams)
-
-    if (res && E.isLeft(res)) {
-      toast.error(translateTokenRequestError(res.left))
-    }
-  } catch (e) {
-    toast.error(`${e}`)
+  if (
+    tabService.currentActiveTab.value.document.request.auth.authType ===
+      "oauth-2" &&
+    accessToken
+  ) {
+    tabService.currentActiveTab.value.document.request.auth.grantTypeInfo.token =
+      accessToken
   }
 }
+
+const changeSelectedGrantType = (
+  grantType: (typeof supportedGrantTypes)[number]["id"]
+) => {
+  const keys = Object.keys(grantTypeMap) as GrantTypes[]
+
+  const grantTypeToSet = keys.find((key) => grantTypeMap[key] === grantType)
+
+  if (grantTypeToSet) {
+    auth.value.grantTypeInfo.grantType = grantTypeToSet
+
+    const getDefaultPayload = grantTypeDefaultPayload[grantTypeToSet]
+
+    // set the default payload for the grant type
+    // for eg: if the grant type was auth code, and then the user selected the password grant type,
+    // there wont be a password key in the payload
+    // so we set the default payload, and it'll add all the keys that are missing
+    if (getDefaultPayload) {
+      auth.value.grantTypeInfo = {
+        ...getDefaultPayload(),
+        ...auth.value.grantTypeInfo,
+      }
+    }
+  }
+}
+
+const runAction = computed(() => {
+  return selectedGrantType.value?.formElements.value?.runAction
+})
+
+const currentOAuthGrantTypeFormElements = computed(() => {
+  return selectedGrantType.value?.formElements.value?.elements.value
+})
+
+const generateOAuthToken = async () => {
+  if (
+    grantTypesInvolvingRedirect.includes(auth.value.grantTypeInfo.grantType)
+  ) {
+    persistenceService.setLocalConfig(
+      "oauth_temp_config",
+      JSON.stringify(<PersistedOAuthConfig>{
+        source: props.source,
+        context: props.isCollectionProperty
+          ? { type: "collection-properties", metadata: {} }
+          : { type: "request-tab" },
+      })
+    )
+  }
+
+  const res = await runAction.value?.()
+
+  if (res && E.isLeft(res)) {
+    const errorMessages = {
+      VALIDATION_FAILED: t("authorization.oauth.validation_failed"),
+      OAUTH_TOKEN_FETCH_FAILED: t("authorization.oauth.token_fetch_failed"),
+    }
+
+    toast.error(errorMessages[res.left])
+    return
+  }
+}
+
+const replaceTemplateStringsInObjectValues = <
+  T extends Record<string, unknown>,
+>(
+  obj: T
+) => {
+  const envs = getCombinedEnvVariables()
+
+  const requestVariables =
+    props.source === "REST"
+      ? restTabsService.currentActiveTab.value.document.request.requestVariables.map(
+          ({ key, value }) => ({
+            key,
+            value,
+            secret: false,
+          })
+        )
+      : []
+
+  // Ensure request variables are prioritized by removing any selected/global environment variables with the same key
+  const selectedEnvVars = envs.selected.filter(
+    ({ key }) =>
+      !requestVariables.some(({ key: reqVarKey }) => reqVarKey === key)
+  )
+  const globalEnvVars = envs.global.filter(
+    ({ key }) =>
+      !requestVariables.some(({ key: reqVarKey }) => reqVarKey === key)
+  )
+
+  const envVars = [...selectedEnvVars, ...globalEnvVars, ...requestVariables]
+
+  const newObj: Partial<T> = {}
+
+  for (const key in obj) {
+    const val = obj[key]
+
+    if (typeof val === "string") {
+      const parseResult = parseTemplateStringE(val, envVars)
+
+      newObj[key] = E.isRight(parseResult)
+        ? (parseResult.right as T[typeof key])
+        : (val as T[typeof key])
+    } else {
+      newObj[key] = val
+    }
+  }
+
+  return newObj as T
+}
+
+const grantTypeTippyActions = ref<HTMLElement | null>(null)
+const pkceTippyActions = ref<HTMLElement | null>(null)
+const authTippyActions = ref<HTMLElement | null>(null)
 </script>
diff --git a/packages/hoppscotch-common/src/composables/ref.ts b/packages/hoppscotch-common/src/composables/ref.ts
index 446d8ba50..5d9cdbd08 100644
--- a/packages/hoppscotch-common/src/composables/ref.ts
+++ b/packages/hoppscotch-common/src/composables/ref.ts
@@ -1,4 +1,4 @@
-import { customRef, onBeforeUnmount, Ref, watch } from "vue"
+import { customRef, onBeforeUnmount, ref, Ref, UnwrapRef, watch } from "vue"
 
 export function pluckRef<T, K extends keyof T>(ref: Ref<T>, key: K): Ref<T[K]> {
   return customRef((track, trigger) => {
@@ -31,3 +31,16 @@ export function pluckMultipleFromRef<T, K extends Array<keyof T>>(
 ): { [key in K[number]]: Ref<T[key]> } {
   return Object.fromEntries(keys.map((x) => [x, pluckRef(sourceRef, x)])) as any
 }
+
+export const refWithCallbackOnChange = <T>(
+  initialValue: T,
+  callback: (value: UnwrapRef<T>) => void
+) => {
+  const targetRef = ref(initialValue)
+
+  watch(targetRef, (value) => {
+    callback(value)
+  })
+
+  return targetRef
+}
diff --git a/packages/hoppscotch-common/src/helpers/collection/request.ts b/packages/hoppscotch-common/src/helpers/collection/request.ts
index 31f0d5449..d5576c3d7 100644
--- a/packages/hoppscotch-common/src/helpers/collection/request.ts
+++ b/packages/hoppscotch-common/src/helpers/collection/request.ts
@@ -66,12 +66,20 @@ export function getRequestsByPath(
   let currentCollection = collections[pathArray[0]]
 
   if (pathArray.length === 1) {
-    return currentCollection.requests
+    const latestVersionedRequests = currentCollection.requests.filter(
+      (req): req is HoppRESTRequest => req.v === "3"
+    )
+
+    return latestVersionedRequests
   }
   for (let i = 1; i < pathArray.length; i++) {
     const folder = currentCollection.folders[pathArray[i]]
     if (folder) currentCollection = folder
   }
 
-  return currentCollection.requests
+  const latestVersionedRequests = currentCollection.requests.filter(
+    (req): req is HoppRESTRequest => req.v === "3"
+  )
+
+  return latestVersionedRequests
 }
diff --git a/packages/hoppscotch-common/src/helpers/graphql/connection.ts b/packages/hoppscotch-common/src/helpers/graphql/connection.ts
index 3d603c45d..e393ddc78 100644
--- a/packages/hoppscotch-common/src/helpers/graphql/connection.ts
+++ b/packages/hoppscotch-common/src/helpers/graphql/connection.ts
@@ -269,8 +269,16 @@ export const runGQLOperation = async (options: RunQueryOptions) => {
       const username = auth.username
       const password = auth.password
       finalHeaders.Authorization = `Basic ${btoa(`${username}:${password}`)}`
-    } else if (auth.authType === "bearer" || auth.authType === "oauth-2") {
+    } else if (auth.authType === "bearer") {
       finalHeaders.Authorization = `Bearer ${auth.token}`
+    } else if (auth.authType === "oauth-2") {
+      const { addTo } = auth
+
+      if (addTo === "HEADERS") {
+        finalHeaders.Authorization = `Bearer ${auth.grantTypeInfo.token}`
+      } else if (addTo === "QUERY_PARAMS") {
+        params["access_token"] = auth.grantTypeInfo.token
+      }
     } else if (auth.authType === "api-key") {
       const { key, value, addTo } = auth
       if (addTo === "Headers") {
diff --git a/packages/hoppscotch-common/src/helpers/import-export/import/insomnia.ts b/packages/hoppscotch-common/src/helpers/import-export/import/insomnia.ts
index 5cbd4b169..a69dbb9c3 100644
--- a/packages/hoppscotch-common/src/helpers/import-export/import/insomnia.ts
+++ b/packages/hoppscotch-common/src/helpers/import-export/import/insomnia.ts
@@ -111,12 +111,16 @@ const getHoppReqAuth = (req: InsomniaRequestResource): HoppRESTAuth => {
     return {
       authType: "oauth-2",
       authActive: !(auth.disabled ?? false),
-      accessTokenURL: replaceVarTemplating(auth.accessTokenUrl ?? ""),
-      authURL: replaceVarTemplating(auth.authorizationUrl ?? ""),
-      clientID: replaceVarTemplating(auth.clientId ?? ""),
-      oidcDiscoveryURL: "",
-      scope: replaceVarTemplating(auth.scope ?? ""),
-      token: "",
+      grantTypeInfo: {
+        authEndpoint: replaceVarTemplating(auth.authorizationUrl ?? ""),
+        clientID: replaceVarTemplating(auth.clientId ?? ""),
+        clientSecret: "",
+        grantType: "AUTHORIZATION_CODE",
+        scopes: replaceVarTemplating(auth.scope ?? ""),
+        token: "",
+        isPKCE: false,
+        tokenEndpoint: replaceVarTemplating(auth.accessTokenUrl ?? ""),
+      },
     }
   else if (auth.type === "bearer")
     return {
diff --git a/packages/hoppscotch-common/src/helpers/import-export/import/openapi.ts b/packages/hoppscotch-common/src/helpers/import-export/import/openapi.ts
index cc3d8cb9c..5be636606 100644
--- a/packages/hoppscotch-common/src/helpers/import-export/import/openapi.ts
+++ b/packages/hoppscotch-common/src/helpers/import-export/import/openapi.ts
@@ -279,67 +279,92 @@ const resolveOpenAPIV3SecurityObj = (
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: scheme.flows.authorizationCode.tokenUrl ?? "",
-        authURL: scheme.flows.authorizationCode.authorizationUrl ?? "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          grantType: "AUTHORIZATION_CODE",
+          authEndpoint: scheme.flows.authorizationCode.authorizationUrl ?? "",
+          clientID: "",
+          scopes: _schemeData.join(" "),
+          token: "",
+          isPKCE: false,
+          tokenEndpoint: scheme.flows.authorizationCode.tokenUrl ?? "",
+          clientSecret: "",
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flows.implicit) {
       return {
         authType: "oauth-2",
         authActive: true,
-        authURL: scheme.flows.implicit.authorizationUrl ?? "",
-        accessTokenURL: "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          grantType: "IMPLICIT",
+          authEndpoint: scheme.flows.implicit.authorizationUrl ?? "",
+          clientID: "",
+          token: "",
+          scopes: _schemeData.join(" "),
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flows.password) {
       return {
         authType: "oauth-2",
         authActive: true,
-        authURL: "",
-        accessTokenURL: scheme.flows.password.tokenUrl ?? "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          grantType: "PASSWORD",
+          clientID: "",
+          authEndpoint: scheme.flows.password.tokenUrl,
+          clientSecret: "",
+          password: "",
+          username: "",
+          token: "",
+          scopes: _schemeData.join(" "),
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flows.clientCredentials) {
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: scheme.flows.clientCredentials.tokenUrl ?? "",
-        authURL: "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          grantType: "CLIENT_CREDENTIALS",
+          authEndpoint: scheme.flows.clientCredentials.tokenUrl ?? "",
+          clientID: "",
+          clientSecret: "",
+          scopes: _schemeData.join(" "),
+          token: "",
+        },
+        addTo: "HEADERS",
       }
     }
     return {
       authType: "oauth-2",
       authActive: true,
-      accessTokenURL: "",
-      authURL: "",
-      clientID: "",
-      oidcDiscoveryURL: "",
-      scope: _schemeData.join(" "),
-      token: "",
+      grantTypeInfo: {
+        grantType: "AUTHORIZATION_CODE",
+        authEndpoint: "",
+        clientID: "",
+        scopes: _schemeData.join(" "),
+        token: "",
+        isPKCE: false,
+        tokenEndpoint: "",
+        clientSecret: "",
+      },
+      addTo: "HEADERS",
     }
   } else if (scheme.type === "openIdConnect") {
     return {
       authType: "oauth-2",
       authActive: true,
-      accessTokenURL: "",
-      authURL: "",
-      clientID: "",
-      oidcDiscoveryURL: scheme.openIdConnectUrl ?? "",
-      scope: _schemeData.join(" "),
-      token: "",
+      grantTypeInfo: {
+        grantType: "AUTHORIZATION_CODE",
+        authEndpoint: "",
+        clientID: "",
+        scopes: _schemeData.join(" "),
+        token: "",
+        isPKCE: false,
+        tokenEndpoint: "",
+        clientSecret: "",
+      },
+      addTo: "HEADERS",
     }
   }
 
@@ -416,56 +441,76 @@ const resolveOpenAPIV2SecurityScheme = (
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: scheme.tokenUrl ?? "",
-        authURL: scheme.authorizationUrl ?? "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          authEndpoint: scheme.authorizationUrl ?? "",
+          clientID: "",
+          clientSecret: "",
+          grantType: "AUTHORIZATION_CODE",
+          scopes: _schemeData.join(" "),
+          token: "",
+          isPKCE: false,
+          tokenEndpoint: scheme.tokenUrl ?? "",
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flow === "implicit") {
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: "",
-        authURL: scheme.authorizationUrl ?? "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          authEndpoint: scheme.authorizationUrl ?? "",
+          clientID: "",
+          grantType: "IMPLICIT",
+          scopes: _schemeData.join(" "),
+          token: "",
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flow === "application") {
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: scheme.tokenUrl ?? "",
-        authURL: "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          authEndpoint: scheme.tokenUrl ?? "",
+          clientID: "",
+          clientSecret: "",
+          grantType: "CLIENT_CREDENTIALS",
+          scopes: _schemeData.join(" "),
+          token: "",
+        },
+        addTo: "HEADERS",
       }
     } else if (scheme.flow === "password") {
       return {
         authType: "oauth-2",
         authActive: true,
-        accessTokenURL: scheme.tokenUrl ?? "",
-        authURL: "",
-        clientID: "",
-        oidcDiscoveryURL: "",
-        scope: _schemeData.join(" "),
-        token: "",
+        grantTypeInfo: {
+          grantType: "PASSWORD",
+          authEndpoint: scheme.tokenUrl ?? "",
+          clientID: "",
+          clientSecret: "",
+          password: "",
+          scopes: _schemeData.join(" "),
+          token: "",
+          username: "",
+        },
+        addTo: "HEADERS",
       }
     }
     return {
       authType: "oauth-2",
       authActive: true,
-      accessTokenURL: "",
-      authURL: "",
-      clientID: "",
-      oidcDiscoveryURL: "",
-      scope: _schemeData.join(" "),
-      token: "",
+      grantTypeInfo: {
+        authEndpoint: "",
+        clientID: "",
+        clientSecret: "",
+        grantType: "AUTHORIZATION_CODE",
+        scopes: _schemeData.join(" "),
+        token: "",
+        isPKCE: false,
+        tokenEndpoint: "",
+      },
+      addTo: "HEADERS",
     }
   }
 
diff --git a/packages/hoppscotch-common/src/helpers/import-export/import/postman.ts b/packages/hoppscotch-common/src/helpers/import-export/import/postman.ts
index c9c9d8eb3..07c21a923 100644
--- a/packages/hoppscotch-common/src/helpers/import-export/import/postman.ts
+++ b/packages/hoppscotch-common/src/helpers/import-export/import/postman.ts
@@ -162,25 +162,36 @@ const getHoppReqAuth = (item: Item): HoppRESTAuth => {
       ),
     }
   } else if (auth.type === "oauth2") {
+    const accessTokenURL = replacePMVarTemplating(
+      getVariableValue(auth.oauth2, "accessTokenUrl") ?? ""
+    )
+    const authURL = replacePMVarTemplating(
+      getVariableValue(auth.oauth2, "authUrl") ?? ""
+    )
+    const clientId = replacePMVarTemplating(
+      getVariableValue(auth.oauth2, "clientId") ?? ""
+    )
+    const scope = replacePMVarTemplating(
+      getVariableValue(auth.oauth2, "scope") ?? ""
+    )
+    const token = replacePMVarTemplating(
+      getVariableValue(auth.oauth2, "accessToken") ?? ""
+    )
+
     return {
       authType: "oauth-2",
       authActive: true,
-      accessTokenURL: replacePMVarTemplating(
-        getVariableValue(auth.oauth2, "accessTokenUrl") ?? ""
-      ),
-      authURL: replacePMVarTemplating(
-        getVariableValue(auth.oauth2, "authUrl") ?? ""
-      ),
-      clientID: replacePMVarTemplating(
-        getVariableValue(auth.oauth2, "clientId") ?? ""
-      ),
-      scope: replacePMVarTemplating(
-        getVariableValue(auth.oauth2, "scope") ?? ""
-      ),
-      token: replacePMVarTemplating(
-        getVariableValue(auth.oauth2, "accessToken") ?? ""
-      ),
-      oidcDiscoveryURL: "",
+      grantTypeInfo: {
+        grantType: "AUTHORIZATION_CODE",
+        authEndpoint: authURL,
+        clientID: clientId,
+        scopes: scope,
+        token: token,
+        tokenEndpoint: accessTokenURL,
+        clientSecret: "",
+        isPKCE: false,
+      },
+      addTo: "HEADERS",
     }
   }
 
diff --git a/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts b/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts
index 6b3721ff2..1e331570f 100644
--- a/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts
+++ b/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts
@@ -82,16 +82,17 @@ export const getComputedAuthHeaders = (
     })
   } else if (
     request.auth.authType === "bearer" ||
-    request.auth.authType === "oauth-2"
+    (request.auth.authType === "oauth-2" && request.auth.addTo === "HEADERS")
   ) {
+    const token =
+      request.auth.authType === "bearer"
+        ? request.auth.token
+        : request.auth.grantTypeInfo.token
+
     headers.push({
       active: true,
       key: "Authorization",
-      value: `Bearer ${
-        parse
-          ? parseTemplateString(request.auth.token, envVars)
-          : request.auth.token
-      }`,
+      value: `Bearer ${parse ? parseTemplateString(token, envVars) : token}`,
     })
   } else if (request.auth.authType === "api-key") {
     const { key, addTo } = request.auth
@@ -196,17 +197,40 @@ export const getComputedParams = (
 ): ComputedParam[] => {
   // When this gets complex, its best to split this function off (like with getComputedHeaders)
   // API-key auth can be added to query params
-  if (!req.auth || !req.auth.authActive) return []
-  if (req.auth.authType !== "api-key") return []
-  if (req.auth.addTo !== "Query params") return []
+  if (!req.auth || !req.auth.authActive) {
+    return []
+  }
+
+  if (req.auth.authType !== "api-key" && req.auth.authType !== "oauth-2") {
+    return []
+  }
+
+  if (req.auth.addTo !== "QUERY_PARAMS") {
+    return []
+  }
+
+  if (req.auth.authType === "api-key") {
+    return [
+      {
+        source: "auth" as const,
+        param: {
+          active: true,
+          key: parseTemplateString(req.auth.key, envVars),
+          value: parseTemplateString(req.auth.value, envVars),
+        },
+      },
+    ]
+  }
+
+  const { grantTypeInfo } = req.auth
 
   return [
     {
       source: "auth",
       param: {
         active: true,
-        key: parseTemplateString(req.auth.key, envVars),
-        value: parseTemplateString(req.auth.value, envVars),
+        key: "access_token",
+        value: parseTemplateString(grantTypeInfo.token, envVars),
       },
     },
   ]
diff --git a/packages/hoppscotch-common/src/pages/oauth.vue b/packages/hoppscotch-common/src/pages/oauth.vue
index 14d3d766e..912d7848e 100644
--- a/packages/hoppscotch-common/src/pages/oauth.vue
+++ b/packages/hoppscotch-common/src/pages/oauth.vue
@@ -5,23 +5,31 @@
 </template>
 
 <script setup lang="ts">
-import { handleOAuthRedirect } from "~/helpers/oauth"
-import { useToast } from "~/composables/toast"
 import { useI18n } from "~/composables/i18n"
+import { useToast } from "~/composables/toast"
 
-import * as E from "fp-ts/Either"
 import { useService } from "dioc/vue"
-import { RESTTabService } from "~/services/tab/rest"
+import * as E from "fp-ts/Either"
 import { onMounted } from "vue"
+import { RESTTabService } from "~/services/tab/rest"
 
 import { useRouter } from "vue-router"
 
+import {
+  PersistedOAuthConfig,
+  routeOAuthRedirect,
+} from "~/services/oauth/oauth.service"
+import { PersistenceService } from "~/services/persistence"
+import { GQLTabService } from "~/services/tab/graphql"
+
 const t = useI18n()
 const router = useRouter()
 
 const toast = useToast()
 
-const tabs = useService(RESTTabService)
+const gqlTabs = useService(GQLTabService)
+const persistenceService = useService(PersistenceService)
+const restTabs = useService(RESTTabService)
 
 function translateOAuthRedirectError(error: string) {
   switch (error) {
@@ -60,22 +68,58 @@ function translateOAuthRedirectError(error: string) {
 }
 
 onMounted(async () => {
-  const tokenInfo = await handleOAuthRedirect()
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  if (!localOAuthTempConfig) {
+    toast.error(t("authorization.oauth.something_went_wrong_on_oauth_redirect"))
+    router.push("/")
+    return
+  }
+
+  const persistedOAuthConfig: PersistedOAuthConfig =
+    JSON.parse(localOAuthTempConfig)
+
+  const { context, source } = persistedOAuthConfig
+
+  const tokenInfo = await routeOAuthRedirect()
 
   if (E.isLeft(tokenInfo)) {
     toast.error(translateOAuthRedirectError(tokenInfo.left))
-    router.push("/")
+    router.push(source === "REST" ? "/" : "/graphql")
     return
   }
 
+  // Indicates the access token generation flow originated from the modal for setting authorization/headers at the collection level
+  if (context?.type === "collection-properties") {
+    // Set the access token in `localStorage` to retrieve from the modal while redirecting back
+    persistenceService.setLocalConfig(
+      "oauth_temp_config",
+      JSON.stringify(<PersistedOAuthConfig>{
+        ...persistedOAuthConfig,
+        token: tokenInfo.right.access_token,
+      })
+    )
+
+    toast.success(t("authorization.oauth.token_fetched_successfully"))
+
+    router.push(source === "REST" ? "/" : "/graphql")
+    return
+  }
+
+  const routeToRedirect = source === "GraphQL" ? "/graphql" : "/"
+  const tabService = source === "GraphQL" ? gqlTabs : restTabs
+
   if (
-    tabs.currentActiveTab.value.document.request.auth.authType === "oauth-2"
+    tabService.currentActiveTab.value.document.request.auth.authType ===
+    "oauth-2"
   ) {
-    tabs.currentActiveTab.value.document.request.auth.token =
+    tabService.currentActiveTab.value.document.request.auth.grantTypeInfo.token =
       tokenInfo.right.access_token
 
-    router.push("/")
-    return
+    toast.success(t("authorization.oauth.token_fetched_successfully"))
   }
+
+  router.push(routeToRedirect)
 })
 </script>
diff --git a/packages/hoppscotch-common/src/platform/std/interceptors/extension.ts b/packages/hoppscotch-common/src/platform/std/interceptors/extension.ts
index a6095c0bc..64395b124 100644
--- a/packages/hoppscotch-common/src/platform/std/interceptors/extension.ts
+++ b/packages/hoppscotch-common/src/platform/std/interceptors/extension.ts
@@ -231,6 +231,7 @@ export class ExtensionInterceptorService
     try {
       const result = await extensionHook.sendRequest({
         ...req,
+        headers: req.headers ?? {},
         wantsBinary: true,
       })
 
diff --git a/packages/hoppscotch-common/src/services/oauth/flows/authCode.ts b/packages/hoppscotch-common/src/services/oauth/flows/authCode.ts
new file mode 100644
index 000000000..f46db7212
--- /dev/null
+++ b/packages/hoppscotch-common/src/services/oauth/flows/authCode.ts
@@ -0,0 +1,293 @@
+import { PersistenceService } from "~/services/persistence"
+import {
+  OauthAuthService,
+  PersistedOAuthConfig,
+  createFlowConfig,
+  decodeResponseAsJSON,
+  generateRandomString,
+} from "../oauth.service"
+import { z } from "zod"
+import { getService } from "~/modules/dioc"
+import * as E from "fp-ts/Either"
+import { InterceptorService } from "~/services/interceptor.service"
+import { AuthCodeGrantTypeParams } from "@hoppscotch/data"
+
+const persistenceService = getService(PersistenceService)
+const interceptorService = getService(InterceptorService)
+
+const AuthCodeOauthFlowParamsSchema = AuthCodeGrantTypeParams.pick({
+  authEndpoint: true,
+  tokenEndpoint: true,
+  clientID: true,
+  clientSecret: true,
+  scopes: true,
+  isPKCE: true,
+  codeVerifierMethod: true,
+})
+  .refine(
+    (params) => {
+      return (
+        params.authEndpoint.length >= 1 &&
+        params.tokenEndpoint.length >= 1 &&
+        params.clientID.length >= 1 &&
+        params.clientSecret.length >= 1 &&
+        (!params.scopes || params.scopes.trim().length >= 1)
+      )
+    },
+    {
+      message: "Minimum length requirement not met for one or more parameters",
+    }
+  )
+  .refine((params) => (params.isPKCE ? !!params.codeVerifierMethod : true), {
+    message: "codeVerifierMethod is required when using PKCE",
+    path: ["codeVerifierMethod"],
+  })
+
+export type AuthCodeOauthFlowParams = z.infer<
+  typeof AuthCodeOauthFlowParamsSchema
+>
+
+export const getDefaultAuthCodeOauthFlowParams =
+  (): AuthCodeOauthFlowParams => ({
+    authEndpoint: "",
+    tokenEndpoint: "",
+    clientID: "",
+    clientSecret: "",
+    scopes: undefined,
+    isPKCE: false,
+    codeVerifierMethod: "S256",
+  })
+
+const initAuthCodeOauthFlow = async ({
+  tokenEndpoint,
+  clientID,
+  clientSecret,
+  scopes,
+  authEndpoint,
+  isPKCE,
+  codeVerifierMethod,
+}: AuthCodeOauthFlowParams) => {
+  const state = generateRandomString()
+
+  let codeVerifier: string | undefined
+  let codeChallenge: string | undefined
+
+  if (isPKCE) {
+    codeVerifier = generateCodeVerifier()
+    codeChallenge = await generateCodeChallenge(
+      codeVerifier,
+      codeVerifierMethod
+    )
+  }
+
+  let oauthTempConfig: {
+    state: string
+    grant_type: "AUTHORIZATION_CODE"
+    authEndpoint: string
+    tokenEndpoint: string
+    clientSecret: string
+    clientID: string
+    isPKCE: boolean
+    codeVerifier?: string
+    codeVerifierMethod?: string
+    codeChallenge?: string
+    scopes?: string
+  } = {
+    state,
+    grant_type: "AUTHORIZATION_CODE",
+    authEndpoint,
+    tokenEndpoint,
+    clientSecret,
+    clientID,
+    isPKCE,
+    codeVerifierMethod,
+    scopes,
+  }
+
+  if (codeVerifier && codeChallenge) {
+    oauthTempConfig = {
+      ...oauthTempConfig,
+      codeVerifier,
+      codeChallenge,
+    }
+  }
+
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  const persistedOAuthConfig: PersistedOAuthConfig = localOAuthTempConfig
+    ? { ...JSON.parse(localOAuthTempConfig) }
+    : {}
+
+  const { grant_type, ...rest } = oauthTempConfig
+
+  // persist the state so we can compare it when we get redirected back
+  // also persist the grant_type,tokenEndpoint and clientSecret so we can use them when we get redirected back
+  persistenceService.setLocalConfig(
+    "oauth_temp_config",
+    JSON.stringify(<PersistedOAuthConfig>{
+      ...persistedOAuthConfig,
+      fields: rest,
+      grant_type,
+    })
+  )
+
+  let url: URL
+
+  try {
+    url = new URL(authEndpoint)
+  } catch (e) {
+    return E.left("INVALID_AUTH_ENDPOINT")
+  }
+
+  url.searchParams.set("grant_type", "authorization_code")
+  url.searchParams.set("client_id", clientID)
+  url.searchParams.set("state", state)
+  url.searchParams.set("response_type", "code")
+  url.searchParams.set("redirect_uri", OauthAuthService.redirectURI)
+
+  if (scopes) url.searchParams.set("scope", scopes)
+
+  if (codeVerifierMethod && codeChallenge) {
+    url.searchParams.set("code_challenge", codeChallenge)
+    url.searchParams.set("code_challenge_method", codeVerifierMethod)
+  }
+
+  // Redirect to the authorization server
+  window.location.assign(url.toString())
+
+  return E.right(undefined)
+}
+
+const handleRedirectForAuthCodeOauthFlow = async (localConfig: string) => {
+  // parse the query string
+  const params = new URLSearchParams(window.location.search)
+
+  const code = params.get("code")
+  const state = params.get("state")
+  const error = params.get("error")
+
+  if (error) {
+    return E.left("AUTH_SERVER_RETURNED_ERROR")
+  }
+
+  if (!code) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED")
+  }
+
+  const expectedSchema = z.object({
+    source: z.optional(z.string()),
+    state: z.string(),
+    tokenEndpoint: z.string(),
+    clientSecret: z.string(),
+    clientID: z.string(),
+    codeVerifier: z.string().optional(),
+    codeChallenge: z.string().optional(),
+  })
+
+  const decodedLocalConfig = expectedSchema.safeParse(
+    JSON.parse(localConfig).fields
+  )
+
+  if (!decodedLocalConfig.success) {
+    return E.left("INVALID_LOCAL_CONFIG")
+  }
+
+  // check if the state matches
+  if (decodedLocalConfig.data.state !== state) {
+    return E.left("INVALID_STATE")
+  }
+
+  // exchange the code for a token
+  const formData = new URLSearchParams()
+  formData.append("grant_type", "authorization_code")
+  formData.append("code", code)
+  formData.append("client_id", decodedLocalConfig.data.clientID)
+  formData.append("client_secret", decodedLocalConfig.data.clientSecret)
+  formData.append("redirect_uri", OauthAuthService.redirectURI)
+
+  if (decodedLocalConfig.data.codeVerifier) {
+    formData.append("code_verifier", decodedLocalConfig.data.codeVerifier)
+  }
+
+  const { response } = interceptorService.runRequest({
+    url: decodedLocalConfig.data.tokenEndpoint,
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    data: formData.toString(),
+  })
+
+  const res = await response
+
+  if (E.isLeft(res)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const responsePayload = decodeResponseAsJSON(res.right)
+
+  if (E.isLeft(responsePayload)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const withAccessTokenSchema = z.object({
+    access_token: z.string(),
+  })
+
+  const parsedTokenResponse = withAccessTokenSchema.safeParse(
+    responsePayload.right
+  )
+
+  return parsedTokenResponse.success
+    ? E.right(parsedTokenResponse.data)
+    : E.left("AUTH_TOKEN_REQUEST_INVALID_RESPONSE" as const)
+}
+
+const generateCodeVerifier = () => {
+  const characters =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~"
+  const length = Math.floor(Math.random() * (128 - 43 + 1)) + 43 // Random length between 43 and 128
+  let codeVerifier = ""
+
+  for (let i = 0; i < length; i++) {
+    const randomIndex = Math.floor(Math.random() * characters.length)
+    codeVerifier += characters[randomIndex]
+  }
+
+  return codeVerifier
+}
+
+const generateCodeChallenge = async (
+  codeVerifier: string,
+  strategy: AuthCodeOauthFlowParams["codeVerifierMethod"]
+) => {
+  if (strategy === "plain") {
+    return codeVerifier
+  }
+
+  const encoder = new TextEncoder()
+  const data = encoder.encode(codeVerifier)
+
+  const buffer = await crypto.subtle.digest("SHA-256", data)
+
+  return encodeArrayBufferAsUrlEncodedBase64(buffer)
+}
+
+const encodeArrayBufferAsUrlEncodedBase64 = (buffer: ArrayBuffer) => {
+  const hashArray = Array.from(new Uint8Array(buffer))
+  const hashBase64URL = btoa(String.fromCharCode(...hashArray))
+    .replace(/=/g, "")
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+
+  return hashBase64URL
+}
+
+export default createFlowConfig(
+  "AUTHORIZATION_CODE" as const,
+  AuthCodeOauthFlowParamsSchema,
+  initAuthCodeOauthFlow,
+  handleRedirectForAuthCodeOauthFlow
+)
diff --git a/packages/hoppscotch-common/src/services/oauth/flows/clientCredentials.ts b/packages/hoppscotch-common/src/services/oauth/flows/clientCredentials.ts
new file mode 100644
index 000000000..9582b8236
--- /dev/null
+++ b/packages/hoppscotch-common/src/services/oauth/flows/clientCredentials.ts
@@ -0,0 +1,183 @@
+import {
+  OauthAuthService,
+  createFlowConfig,
+  decodeResponseAsJSON,
+} from "../oauth.service"
+import { z } from "zod"
+import { getService } from "~/modules/dioc"
+import * as E from "fp-ts/Either"
+import { InterceptorService } from "~/services/interceptor.service"
+import { useToast } from "~/composables/toast"
+import { ClientCredentialsGrantTypeParams } from "@hoppscotch/data"
+
+const interceptorService = getService(InterceptorService)
+
+const ClientCredentialsFlowParamsSchema = ClientCredentialsGrantTypeParams.pick(
+  {
+    authEndpoint: true,
+    clientID: true,
+    clientSecret: true,
+    scopes: true,
+  }
+).refine(
+  (params) => {
+    return (
+      params.authEndpoint.length >= 1 &&
+      params.clientID.length >= 1 &&
+      params.clientSecret.length >= 1 &&
+      (!params.scopes || params.scopes.length >= 1)
+    )
+  },
+  {
+    message: "Minimum length requirement not met for one or more parameters",
+  }
+)
+
+export type ClientCredentialsFlowParams = z.infer<
+  typeof ClientCredentialsFlowParamsSchema
+>
+
+export const getDefaultClientCredentialsFlowParams =
+  (): ClientCredentialsFlowParams => ({
+    authEndpoint: "",
+    clientID: "",
+    clientSecret: "",
+    scopes: undefined,
+  })
+
+const initClientCredentialsOAuthFlow = async ({
+  clientID,
+  clientSecret,
+  scopes,
+  authEndpoint,
+}: ClientCredentialsFlowParams) => {
+  const toast = useToast()
+
+  const formData = new URLSearchParams()
+  formData.append("grant_type", "client_credentials")
+  formData.append("client_id", clientID)
+  formData.append("client_secret", clientSecret)
+
+  if (scopes) {
+    formData.append("scope", scopes)
+  }
+
+  const { response } = interceptorService.runRequest({
+    url: authEndpoint,
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    data: formData.toString(),
+  })
+
+  const res = await response
+
+  if (E.isLeft(res)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const responsePayload = decodeResponseAsJSON(res.right)
+
+  if (E.isLeft(responsePayload)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const withAccessTokenSchema = z.object({
+    access_token: z.string(),
+  })
+
+  const parsedTokenResponse = withAccessTokenSchema.safeParse(
+    responsePayload.right
+  )
+
+  if (!parsedTokenResponse.success) {
+    toast.error("AUTH_TOKEN_REQUEST_INVALID_RESPONSE")
+  }
+
+  return parsedTokenResponse.success
+    ? E.right(parsedTokenResponse.data)
+    : E.left("AUTH_TOKEN_REQUEST_INVALID_RESPONSE" as const)
+}
+
+const handleRedirectForAuthCodeOauthFlow = async (localConfig: string) => {
+  // parse the query string
+  const params = new URLSearchParams(window.location.search)
+
+  const code = params.get("code")
+  const state = params.get("state")
+  const error = params.get("error")
+
+  if (error) {
+    return E.left("AUTH_SERVER_RETURNED_ERROR")
+  }
+
+  if (!code) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED")
+  }
+
+  const expectedSchema = z.object({
+    state: z.string(),
+    tokenEndpoint: z.string(),
+    clientSecret: z.string(),
+    clientID: z.string(),
+  })
+
+  const decodedLocalConfig = expectedSchema.safeParse(JSON.parse(localConfig))
+
+  if (!decodedLocalConfig.success) {
+    return E.left("INVALID_LOCAL_CONFIG")
+  }
+
+  // check if the state matches
+  if (decodedLocalConfig.data.state !== state) {
+    return E.left("INVALID_STATE")
+  }
+
+  // exchange the code for a token
+  const formData = new URLSearchParams()
+  formData.append("code", code)
+  formData.append("client_id", decodedLocalConfig.data.clientID)
+  formData.append("client_secret", decodedLocalConfig.data.clientSecret)
+  formData.append("redirect_uri", OauthAuthService.redirectURI)
+
+  const { response } = interceptorService.runRequest({
+    url: decodedLocalConfig.data.tokenEndpoint,
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    data: formData.toString(),
+  })
+
+  const res = await response
+
+  if (E.isLeft(res)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const responsePayload = new TextDecoder("utf-8")
+    .decode(res.right.data as any)
+    .replaceAll("\x00", "")
+
+  const withAccessTokenSchema = z.object({
+    access_token: z.string(),
+  })
+
+  const parsedTokenResponse = withAccessTokenSchema.safeParse(
+    JSON.parse(responsePayload)
+  )
+
+  return parsedTokenResponse.success
+    ? E.right(parsedTokenResponse.data)
+    : E.left("AUTH_TOKEN_REQUEST_INVALID_RESPONSE" as const)
+}
+
+export default createFlowConfig(
+  "CLIENT_CREDENTIALS" as const,
+  ClientCredentialsFlowParamsSchema,
+  initClientCredentialsOAuthFlow,
+  handleRedirectForAuthCodeOauthFlow
+)
diff --git a/packages/hoppscotch-common/src/services/oauth/flows/implicit.ts b/packages/hoppscotch-common/src/services/oauth/flows/implicit.ts
new file mode 100644
index 000000000..08293c604
--- /dev/null
+++ b/packages/hoppscotch-common/src/services/oauth/flows/implicit.ts
@@ -0,0 +1,135 @@
+import { PersistenceService } from "~/services/persistence"
+import {
+  OauthAuthService,
+  PersistedOAuthConfig,
+  createFlowConfig,
+  generateRandomString,
+} from "../oauth.service"
+import { z } from "zod"
+import { getService } from "~/modules/dioc"
+import * as E from "fp-ts/Either"
+import { ImplicitOauthFlowParams } from "@hoppscotch/data"
+
+const persistenceService = getService(PersistenceService)
+
+const ImplicitOauthFlowParamsSchema = ImplicitOauthFlowParams.pick({
+  authEndpoint: true,
+  clientID: true,
+  scopes: true,
+}).refine((params) => {
+  return (
+    params.authEndpoint.length >= 1 &&
+    params.clientID.length >= 1 &&
+    (params.scopes === undefined || params.scopes.length >= 1)
+  )
+})
+
+export type ImplicitOauthFlowParams = z.infer<
+  typeof ImplicitOauthFlowParamsSchema
+>
+
+export const getDefaultImplicitOauthFlowParams =
+  (): ImplicitOauthFlowParams => ({
+    authEndpoint: "",
+    clientID: "",
+    scopes: undefined,
+  })
+
+const initImplicitOauthFlow = async ({
+  clientID,
+  scopes,
+  authEndpoint,
+}: ImplicitOauthFlowParams) => {
+  const state = generateRandomString()
+
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  const persistedOAuthConfig: PersistedOAuthConfig = localOAuthTempConfig
+    ? { ...JSON.parse(localOAuthTempConfig) }
+    : {}
+
+  // Persist the necessary information for retrieval while getting redirected back
+  persistenceService.setLocalConfig(
+    "oauth_temp_config",
+    JSON.stringify(<PersistedOAuthConfig>{
+      ...persistedOAuthConfig,
+      fields: {
+        clientID,
+        authEndpoint,
+        scopes,
+        state,
+      },
+      grant_type: "IMPLICIT",
+    })
+  )
+
+  let url: URL
+
+  try {
+    url = new URL(authEndpoint)
+  } catch {
+    return E.left("INVALID_AUTH_ENDPOINT")
+  }
+
+  url.searchParams.set("client_id", clientID)
+  url.searchParams.set("state", state)
+  url.searchParams.set("response_type", "token")
+  url.searchParams.set("redirect_uri", OauthAuthService.redirectURI)
+
+  if (scopes) url.searchParams.set("scope", scopes)
+
+  // Redirect to the authorization server
+  window.location.assign(url.toString())
+
+  return E.right(undefined)
+}
+
+const handleRedirectForAuthCodeOauthFlow = async (localConfig: string) => {
+  // parse the query string
+  const params = new URLSearchParams(window.location.search)
+  const paramsFromHash = new URLSearchParams(window.location.hash.substring(1))
+
+  const accessToken =
+    params.get("access_token") || paramsFromHash.get("access_token")
+  const state = params.get("state") || paramsFromHash.get("state")
+  const error = params.get("error") || paramsFromHash.get("error")
+
+  if (error) {
+    return E.left("AUTH_SERVER_RETURNED_ERROR")
+  }
+
+  if (!accessToken) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED")
+  }
+
+  const expectedSchema = z.object({
+    source: z.optional(z.string()),
+    state: z.string(),
+    clientID: z.string(),
+  })
+
+  const decodedLocalConfig = expectedSchema.safeParse(
+    JSON.parse(localConfig).fields
+  )
+
+  if (!decodedLocalConfig.success) {
+    return E.left("INVALID_LOCAL_CONFIG")
+  }
+
+  // check if the state matches
+  if (decodedLocalConfig.data.state !== state) {
+    return E.left("INVALID_STATE")
+  }
+
+  return E.right({
+    access_token: accessToken,
+  })
+}
+
+export default createFlowConfig(
+  "IMPLICIT" as const,
+  ImplicitOauthFlowParamsSchema,
+  initImplicitOauthFlow,
+  handleRedirectForAuthCodeOauthFlow
+)
diff --git a/packages/hoppscotch-common/src/services/oauth/flows/password.ts b/packages/hoppscotch-common/src/services/oauth/flows/password.ts
new file mode 100644
index 000000000..d572b6471
--- /dev/null
+++ b/packages/hoppscotch-common/src/services/oauth/flows/password.ts
@@ -0,0 +1,189 @@
+import {
+  OauthAuthService,
+  createFlowConfig,
+  decodeResponseAsJSON,
+} from "../oauth.service"
+import { z } from "zod"
+import { getService } from "~/modules/dioc"
+import * as E from "fp-ts/Either"
+import { InterceptorService } from "~/services/interceptor.service"
+import { useToast } from "~/composables/toast"
+import { PasswordGrantTypeParams } from "@hoppscotch/data"
+
+const interceptorService = getService(InterceptorService)
+
+const PasswordFlowParamsSchema = PasswordGrantTypeParams.pick({
+  authEndpoint: true,
+  clientID: true,
+  clientSecret: true,
+  scopes: true,
+  username: true,
+  password: true,
+}).refine(
+  (params) => {
+    return (
+      params.authEndpoint.length >= 1 &&
+      params.clientID.length >= 1 &&
+      params.clientSecret.length >= 1 &&
+      params.username.length >= 1 &&
+      params.password.length >= 1 &&
+      (!params.scopes || params.scopes.length >= 1)
+    )
+  },
+  {
+    message: "Minimum length requirement not met for one or more parameters",
+  }
+)
+
+export type PasswordFlowParams = z.infer<typeof PasswordFlowParamsSchema>
+
+export const getDefaultPasswordFlowParams = (): PasswordFlowParams => ({
+  authEndpoint: "",
+  clientID: "",
+  clientSecret: "",
+  scopes: undefined,
+  username: "",
+  password: "",
+})
+
+const initPasswordOauthFlow = async ({
+  password,
+  username,
+  clientID,
+  clientSecret,
+  scopes,
+  authEndpoint,
+}: PasswordFlowParams) => {
+  const toast = useToast()
+
+  const formData = new URLSearchParams()
+  formData.append("grant_type", "password")
+  formData.append("client_id", clientID)
+  formData.append("client_secret", clientSecret)
+  formData.append("username", username)
+  formData.append("password", password)
+
+  if (scopes) {
+    formData.append("scope", scopes)
+  }
+
+  const { response } = interceptorService.runRequest({
+    url: authEndpoint,
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    data: formData.toString(),
+  })
+
+  const res = await response
+
+  if (E.isLeft(res) || res.right.status !== 200) {
+    toast.error("AUTH_TOKEN_REQUEST_FAILED")
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const responsePayload = new TextDecoder("utf-8")
+    .decode(res.right.data as any)
+    .replaceAll("\x00", "")
+
+  const withAccessTokenSchema = z.object({
+    access_token: z.string(),
+  })
+
+  const parsedTokenResponse = withAccessTokenSchema.safeParse(
+    JSON.parse(responsePayload)
+  )
+
+  if (!parsedTokenResponse.success) {
+    toast.error("AUTH_TOKEN_REQUEST_INVALID_RESPONSE")
+  }
+
+  return parsedTokenResponse.success
+    ? E.right(parsedTokenResponse.data)
+    : E.left("AUTH_TOKEN_REQUEST_INVALID_RESPONSE" as const)
+}
+
+const handleRedirectForAuthCodeOauthFlow = async (localConfig: string) => {
+  // parse the query string
+  const params = new URLSearchParams(window.location.search)
+
+  const code = params.get("code")
+  const state = params.get("state")
+  const error = params.get("error")
+
+  if (error) {
+    return E.left("AUTH_SERVER_RETURNED_ERROR")
+  }
+
+  if (!code) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED")
+  }
+
+  const expectedSchema = z.object({
+    state: z.string(),
+    tokenEndpoint: z.string(),
+    clientSecret: z.string(),
+    clientID: z.string(),
+  })
+
+  const decodedLocalConfig = expectedSchema.safeParse(JSON.parse(localConfig))
+
+  if (!decodedLocalConfig.success) {
+    return E.left("INVALID_LOCAL_CONFIG")
+  }
+
+  // check if the state matches
+  if (decodedLocalConfig.data.state !== state) {
+    return E.left("INVALID_STATE")
+  }
+
+  // exchange the code for a token
+  const formData = new URLSearchParams()
+  formData.append("code", code)
+  formData.append("client_id", decodedLocalConfig.data.clientID)
+  formData.append("client_secret", decodedLocalConfig.data.clientSecret)
+  formData.append("redirect_uri", OauthAuthService.redirectURI)
+
+  const { response } = interceptorService.runRequest({
+    url: decodedLocalConfig.data.tokenEndpoint,
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    data: formData.toString(),
+  })
+
+  const res = await response
+
+  if (E.isLeft(res)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const responsePayload = decodeResponseAsJSON(res.right)
+
+  if (E.isLeft(responsePayload)) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+
+  const withAccessTokenSchema = z.object({
+    access_token: z.string(),
+  })
+
+  const parsedTokenResponse = withAccessTokenSchema.safeParse(
+    responsePayload.right
+  )
+
+  return parsedTokenResponse.success
+    ? E.right(parsedTokenResponse.data)
+    : E.left("AUTH_TOKEN_REQUEST_INVALID_RESPONSE" as const)
+}
+
+export default createFlowConfig(
+  "PASSWORD" as const,
+  PasswordFlowParamsSchema,
+  initPasswordOauthFlow,
+  handleRedirectForAuthCodeOauthFlow
+)
diff --git a/packages/hoppscotch-common/src/services/oauth/oauth.service.ts b/packages/hoppscotch-common/src/services/oauth/oauth.service.ts
new file mode 100644
index 000000000..e0b01778b
--- /dev/null
+++ b/packages/hoppscotch-common/src/services/oauth/oauth.service.ts
@@ -0,0 +1,124 @@
+import { Service } from "dioc"
+import { PersistenceService } from "../persistence"
+import { ZodType, z } from "zod"
+import * as E from "fp-ts/Either"
+import authCode, { AuthCodeOauthFlowParams } from "./flows/authCode"
+import implicit, { ImplicitOauthFlowParams } from "./flows/implicit"
+import { getService } from "~/modules/dioc"
+import { HoppCollection } from "@hoppscotch/data"
+import { TeamCollection } from "~/helpers/backend/graphql"
+
+export type PersistedOAuthConfig = {
+  source: "REST" | "GraphQL"
+  context?: {
+    type: "collection-properties" | "request-tab"
+    metadata: {
+      collection?: HoppCollection | TeamCollection
+      collectionID?: string
+    }
+  }
+  grant_type: string
+  fields?: (AuthCodeOauthFlowParams | ImplicitOauthFlowParams) & {
+    state: string
+  }
+  token?: string
+}
+
+const persistenceService = getService(PersistenceService)
+
+export const grantTypesInvolvingRedirect = ["AUTHORIZATION_CODE", "IMPLICIT"]
+
+export const routeOAuthRedirect = async () => {
+  // get the temp data from the local storage
+  const localOAuthTempConfig =
+    persistenceService.getLocalConfig("oauth_temp_config")
+
+  if (!localOAuthTempConfig) {
+    return E.left("INVALID_STATE")
+  }
+
+  const expectedSchema = z.object({
+    source: z.optional(z.string()),
+    grant_type: z.string(),
+  })
+
+  const decodedLocalConfig = expectedSchema.safeParse(
+    JSON.parse(localOAuthTempConfig)
+  )
+
+  if (!decodedLocalConfig.success) {
+    return E.left("INVALID_STATE")
+  }
+
+  // route the request to the correct flow
+  const flowConfig = [authCode, implicit].find(
+    (flow) => flow.flow === decodedLocalConfig.data.grant_type
+  )
+
+  if (!flowConfig) {
+    return E.left("INVALID_STATE")
+  }
+
+  return flowConfig?.onRedirectReceived(localOAuthTempConfig)
+}
+
+export function createFlowConfig<
+  Flow extends string,
+  AuthParams extends Record<string, unknown>,
+  InitFuncReturnObject extends Record<string, unknown>,
+>(
+  flow: Flow,
+  params: ZodType<AuthParams>,
+  init: (
+    params: AuthParams
+  ) =>
+    | E.Either<string, InitFuncReturnObject>
+    | Promise<E.Either<string, InitFuncReturnObject>>
+    | E.Either<string, undefined>
+    | Promise<E.Either<string, undefined>>,
+  onRedirectReceived: (localConfig: string) => Promise<
+    E.Either<
+      string,
+      {
+        access_token: string
+      }
+    >
+  >
+) {
+  return {
+    flow,
+    params,
+    init,
+    onRedirectReceived,
+  }
+}
+
+export const decodeResponseAsJSON = (response: { data: any }) => {
+  try {
+    const responsePayload = new TextDecoder("utf-8")
+      .decode(response.data as any)
+      .replaceAll("\x00", "")
+
+    return E.right(JSON.parse(responsePayload) as Record<string, unknown>)
+  } catch (error) {
+    return E.left("AUTH_TOKEN_REQUEST_FAILED" as const)
+  }
+}
+
+export class OauthAuthService extends Service {
+  public static readonly ID = "OAUTH_AUTH_SERVICE"
+
+  static redirectURI = `${window.location.origin}/oauth`
+
+  constructor() {
+    super()
+  }
+}
+
+export const generateRandomString = () => {
+  const length = 64
+  const possible =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+  const values = crypto.getRandomValues(new Uint8Array(length))
+  return values.reduce((acc, x) => acc + possible[x % possible.length], "")
+}
diff --git a/packages/hoppscotch-common/src/services/persistence/__tests__/__mocks__/index.ts b/packages/hoppscotch-common/src/services/persistence/__tests__/__mocks__/index.ts
index 050237b2b..12fe74e27 100644
--- a/packages/hoppscotch-common/src/services/persistence/__tests__/__mocks__/index.ts
+++ b/packages/hoppscotch-common/src/services/persistence/__tests__/__mocks__/index.ts
@@ -25,7 +25,7 @@ export const REST_COLLECTIONS_MOCK: HoppCollection[] = [
     folders: [],
     requests: [
       {
-        v: "2",
+        v: "3",
         endpoint: "https://echo.hoppscotch.io",
         name: "Echo test",
         params: [],
@@ -50,7 +50,7 @@ export const GQL_COLLECTIONS_MOCK: HoppCollection[] = [
     folders: [],
     requests: [
       {
-        v: 2,
+        v: 3,
         name: "Echo test",
         url: "https://echo.hoppscotch.io/graphql",
         headers: [],
@@ -138,7 +138,7 @@ export const REST_HISTORY_MOCK: RESTHistoryEntry[] = [
       preRequestScript: "",
       testScript: "",
       requestVariables: [],
-      v: "2",
+      v: "3",
     },
     responseMeta: { duration: 807, statusCode: 200 },
     star: false,
@@ -150,7 +150,7 @@ export const GQL_HISTORY_MOCK: GQLHistoryEntry[] = [
   {
     v: 1,
     request: {
-      v: 2,
+      v: 3,
       name: "Untitled",
       url: "https://echo.hoppscotch.io/graphql",
       query: "query Request { url }",
@@ -171,7 +171,7 @@ export const GQL_TAB_STATE_MOCK: PersistableTabState<HoppGQLDocument> = {
       tabID: "5edbe8d4-65c9-4381-9354-5f1bf05d8ccc",
       doc: {
         request: {
-          v: 2,
+          v: 3,
           name: "Untitled",
           url: "https://echo.hoppscotch.io/graphql",
           headers: [],
@@ -194,7 +194,7 @@ export const REST_TAB_STATE_MOCK: PersistableTabState<HoppRESTDocument> = {
       tabID: "e6e8d800-caa8-44a2-a6a6-b4765a3167aa",
       doc: {
         request: {
-          v: "2",
+          v: "3",
           endpoint: "https://echo.hoppscotch.io",
           name: "Echo test",
           params: [],
diff --git a/packages/hoppscotch-data/src/graphql/index.ts b/packages/hoppscotch-data/src/graphql/index.ts
index ab5823541..c314a3437 100644
--- a/packages/hoppscotch-data/src/graphql/index.ts
+++ b/packages/hoppscotch-data/src/graphql/index.ts
@@ -2,29 +2,32 @@ import { InferredEntity, createVersionedEntity } from "verzod"
 import { z } from "zod"
 import V1_VERSION from "./v/1"
 import V2_VERSION from "./v/2"
+import V3_VERSION from "./v/3"
 
 export { GQLHeader } from "./v/1"
 export {
-  HoppGQLAuth,
   HoppGQLAuthAPIKey,
   HoppGQLAuthBasic,
   HoppGQLAuthBearer,
   HoppGQLAuthNone,
-  HoppGQLAuthOAuth2,
   HoppGQLAuthInherit,
 } from "./v/2"
 
-export const GQL_REQ_SCHEMA_VERSION = 2
+export { HoppGQLAuth } from "./v/3"
+export { HoppGQLAuthOAuth2 } from "./v/3"
+
+export const GQL_REQ_SCHEMA_VERSION = 3
 
 const versionedObject = z.object({
   v: z.number(),
 })
 
 export const HoppGQLRequest = createVersionedEntity({
-  latestVersion: 2,
+  latestVersion: 3,
   versionMap: {
     1: V1_VERSION,
     2: V2_VERSION,
+    3: V3_VERSION,
   },
   getVersion(x) {
     const result = versionedObject.safeParse(x)
diff --git a/packages/hoppscotch-data/src/graphql/v/2.ts b/packages/hoppscotch-data/src/graphql/v/2.ts
index 50ef6373f..e4392a314 100644
--- a/packages/hoppscotch-data/src/graphql/v/2.ts
+++ b/packages/hoppscotch-data/src/graphql/v/2.ts
@@ -71,7 +71,7 @@ export const HoppGQLAuth = z
 
 export type HoppGQLAuth = z.infer<typeof HoppGQLAuth>
 
-const V2_SCHEMA = z.object({
+export const V2_SCHEMA = z.object({
   id: z.optional(z.string()),
   v: z.literal(2),
 
diff --git a/packages/hoppscotch-data/src/graphql/v/3.ts b/packages/hoppscotch-data/src/graphql/v/3.ts
new file mode 100644
index 000000000..60fb87ecf
--- /dev/null
+++ b/packages/hoppscotch-data/src/graphql/v/3.ts
@@ -0,0 +1,77 @@
+import { z } from "zod"
+
+import { defineVersion } from "verzod"
+
+import { HoppRESTAuthOAuth2 } from "../../rest"
+import {
+  HoppGQLAuthAPIKey,
+  HoppGQLAuthBasic,
+  HoppGQLAuthBearer,
+  HoppGQLAuthInherit,
+  HoppGQLAuthNone,
+  V2_SCHEMA,
+} from "./2"
+
+export { HoppRESTAuthOAuth2 as HoppGQLAuthOAuth2 } from "../../rest"
+
+export type HoppGqlAuthOAuth2 = z.infer<typeof HoppRESTAuthOAuth2>
+
+export const HoppGQLAuth = z
+  .discriminatedUnion("authType", [
+    HoppGQLAuthNone,
+    HoppGQLAuthInherit,
+    HoppGQLAuthBasic,
+    HoppGQLAuthBearer,
+    HoppGQLAuthAPIKey,
+    HoppRESTAuthOAuth2, // both rest and gql have the same auth type for oauth2
+  ])
+  .and(
+    z.object({
+      authActive: z.boolean(),
+    })
+  )
+
+export type HoppGQLAuth = z.infer<typeof HoppGQLAuth>
+
+export const V3_SCHEMA = V2_SCHEMA.extend({
+  v: z.literal(3),
+  auth: HoppGQLAuth,
+})
+
+export default defineVersion({
+  initial: false,
+  schema: V3_SCHEMA,
+  up(old: z.infer<typeof V2_SCHEMA>) {
+    if (old.auth.authType === "oauth-2") {
+      const { token, accessTokenURL, scope, clientID, authURL } = old.auth
+
+      return {
+        ...old,
+        v: 3 as const,
+        auth: {
+          ...old.auth,
+          authType: "oauth-2" as const,
+          grantTypeInfo: {
+            grantType: "AUTHORIZATION_CODE" as const,
+            authEndpoint: authURL,
+            tokenEndpoint: accessTokenURL,
+            clientID: clientID,
+            clientSecret: "",
+            scopes: scope,
+            isPKCE: false,
+            token,
+          },
+          addTo: "HEADERS" as const,
+        },
+      }
+    }
+
+    return {
+      ...old,
+      v: 3 as const,
+      auth: {
+        ...old.auth,
+      },
+    }
+  },
+})
diff --git a/packages/hoppscotch-data/src/rest/index.ts b/packages/hoppscotch-data/src/rest/index.ts
index 72390ec5b..8fea04d40 100644
--- a/packages/hoppscotch-data/src/rest/index.ts
+++ b/packages/hoppscotch-data/src/rest/index.ts
@@ -4,32 +4,39 @@ import cloneDeep from "lodash/cloneDeep"
 import V0_VERSION from "./v/0"
 import V1_VERSION from "./v/1"
 import V2_VERSION from "./v/2"
+import V3_VERSION from "./v/3"
 import { createVersionedEntity, InferredEntity } from "verzod"
 import { lodashIsEqualEq, mapThenEq, undefinedEq } from "../utils/eq"
-import {
-  HoppRESTAuth,
-  HoppRESTReqBody,
-  HoppRESTHeaders,
-  HoppRESTParams,
-} from "./v/1"
+
+import { HoppRESTReqBody, HoppRESTHeaders, HoppRESTParams } from "./v/1"
+
+import { HoppRESTAuth } from "./v/3"
 import { HoppRESTRequestVariables } from "./v/2"
 import { z } from "zod"
 
 export * from "./content-types"
+
 export {
   FormDataKeyValue,
   HoppRESTReqBodyFormData,
-  HoppRESTAuth,
   HoppRESTAuthAPIKey,
   HoppRESTAuthBasic,
   HoppRESTAuthInherit,
   HoppRESTAuthBearer,
   HoppRESTAuthNone,
-  HoppRESTAuthOAuth2,
   HoppRESTReqBody,
   HoppRESTHeaders,
 } from "./v/1"
 
+export {
+  HoppRESTAuth,
+  HoppRESTAuthOAuth2,
+  AuthCodeGrantTypeParams,
+  ClientCredentialsGrantTypeParams,
+  ImplicitOauthFlowParams,
+  PasswordGrantTypeParams,
+} from "./v/3"
+
 export { HoppRESTRequestVariables } from "./v/2"
 
 const versionedObject = z.object({
@@ -38,11 +45,12 @@ const versionedObject = z.object({
 })
 
 export const HoppRESTRequest = createVersionedEntity({
-  latestVersion: 2,
+  latestVersion: 3,
   versionMap: {
     0: V0_VERSION,
     1: V1_VERSION,
     2: V2_VERSION,
+    3: V3_VERSION,
   },
   getVersion(data) {
     // For V1 onwards we have the v string storing the number
@@ -84,7 +92,7 @@ const HoppRESTRequestEq = Eq.struct<HoppRESTRequest>({
   ),
 })
 
-export const RESTReqSchemaVersion = "2"
+export const RESTReqSchemaVersion = "3"
 
 export type HoppRESTParam = HoppRESTRequest["params"][number]
 export type HoppRESTHeader = HoppRESTRequest["headers"][number]
@@ -179,7 +187,7 @@ export function makeRESTRequest(
 
 export function getDefaultRESTRequest(): HoppRESTRequest {
   return {
-    v: "2",
+    v: "3",
     endpoint: "https://echo.hoppscotch.io",
     name: "Untitled",
     params: [],
diff --git a/packages/hoppscotch-data/src/rest/v/2.ts b/packages/hoppscotch-data/src/rest/v/2.ts
index 894a37271..db49ebfb4 100644
--- a/packages/hoppscotch-data/src/rest/v/2.ts
+++ b/packages/hoppscotch-data/src/rest/v/2.ts
@@ -18,7 +18,7 @@ export const HoppRESTRequestVariables = z.array(
 
 export type HoppRESTRequestVariables = z.infer<typeof HoppRESTRequestVariables>
 
-const V2_SCHEMA = V1_SCHEMA.extend({
+export const V2_SCHEMA = V1_SCHEMA.extend({
   v: z.literal("2"),
   requestVariables: HoppRESTRequestVariables,
 })
diff --git a/packages/hoppscotch-data/src/rest/v/3.ts b/packages/hoppscotch-data/src/rest/v/3.ts
new file mode 100644
index 000000000..2a2a7bb36
--- /dev/null
+++ b/packages/hoppscotch-data/src/rest/v/3.ts
@@ -0,0 +1,127 @@
+import { z } from "zod"
+import {
+  HoppRESTAuthAPIKey,
+  HoppRESTAuthBasic,
+  HoppRESTAuthBearer,
+  HoppRESTAuthInherit,
+  HoppRESTAuthNone,
+} from "./1"
+import { V2_SCHEMA } from "./2"
+
+import { defineVersion } from "verzod"
+
+export const AuthCodeGrantTypeParams = z.object({
+  grantType: z.literal("AUTHORIZATION_CODE"),
+  authEndpoint: z.string().trim(),
+  tokenEndpoint: z.string().trim(),
+  clientID: z.string().trim(),
+  clientSecret: z.string().trim(),
+  scopes: z.string().trim().optional(),
+  token: z.string().catch(""),
+  isPKCE: z.boolean(),
+  codeVerifierMethod: z
+    .union([z.literal("plain"), z.literal("S256")])
+    .optional(),
+})
+
+export const ClientCredentialsGrantTypeParams = z.object({
+  grantType: z.literal("CLIENT_CREDENTIALS"),
+  authEndpoint: z.string().trim(),
+  clientID: z.string().trim(),
+  clientSecret: z.string().trim(),
+  scopes: z.string().trim().optional(),
+  token: z.string().catch(""),
+})
+
+export const PasswordGrantTypeParams = z.object({
+  grantType: z.literal("PASSWORD"),
+  authEndpoint: z.string().trim(),
+  clientID: z.string().trim(),
+  clientSecret: z.string().trim(),
+  scopes: z.string().trim().optional(),
+  username: z.string().trim(),
+  password: z.string().trim(),
+  token: z.string().catch(""),
+})
+
+export const ImplicitOauthFlowParams = z.object({
+  grantType: z.literal("IMPLICIT"),
+  authEndpoint: z.string().trim(),
+  clientID: z.string().trim(),
+  scopes: z.string().trim().optional(),
+  token: z.string().catch(""),
+})
+
+export const HoppRESTAuthOAuth2 = z.object({
+  authType: z.literal("oauth-2"),
+  grantTypeInfo: z.discriminatedUnion("grantType", [
+    AuthCodeGrantTypeParams,
+    ClientCredentialsGrantTypeParams,
+    PasswordGrantTypeParams,
+    ImplicitOauthFlowParams,
+  ]),
+  addTo: z.enum(["HEADERS", "QUERY_PARAMS"]).catch("HEADERS"),
+})
+
+export type HoppRESTAuthOAuth2 = z.infer<typeof HoppRESTAuthOAuth2>
+
+export const HoppRESTAuth = z
+  .discriminatedUnion("authType", [
+    HoppRESTAuthNone,
+    HoppRESTAuthInherit,
+    HoppRESTAuthBasic,
+    HoppRESTAuthBearer,
+    HoppRESTAuthOAuth2,
+    HoppRESTAuthAPIKey,
+  ])
+  .and(
+    z.object({
+      authActive: z.boolean(),
+    })
+  )
+
+export type HoppRESTAuth = z.infer<typeof HoppRESTAuth>
+
+// V2_SCHEMA has one change in HoppRESTAuthOAuth2, we'll add the grant_type field
+export const V3_SCHEMA = V2_SCHEMA.extend({
+  v: z.literal("3"),
+  auth: HoppRESTAuth,
+})
+
+export default defineVersion({
+  initial: false,
+  schema: V3_SCHEMA,
+  up(old: z.infer<typeof V2_SCHEMA>) {
+    if (old.auth.authType === "oauth-2") {
+      const { token, accessTokenURL, scope, clientID, authURL } = old.auth
+
+      return {
+        ...old,
+        v: "3" as const,
+        auth: {
+          ...old.auth,
+          authType: "oauth-2" as const,
+          grantTypeInfo: {
+            grantType: "AUTHORIZATION_CODE" as const,
+            authEndpoint: authURL,
+            tokenEndpoint: accessTokenURL,
+            clientID: clientID,
+            clientSecret: "",
+            scopes: scope,
+            isPKCE: false,
+            token,
+          },
+          addTo: "HEADERS" as const,
+        },
+      }
+    }
+
+    return {
+      ...old,
+      v: "3" as const,
+      auth: {
+        ...old.auth,
+      },
+    }
+  },
+})
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 8c50167b8..0c943dc33 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -24543,3 +24543,4 @@ packages:
   /zod@3.22.4:
     resolution: {integrity: sha512-iC+8Io04lddc+mVqQ9AZ7OQ2MrUKGN+oIQyq1vemgt46jwCwLfhq7/pwnBnNXXXZb8VTVLKwp9EDkx+ryxIWmg==}
     dev: false
+    
\ No newline at end of file