Hi @Pravallika · Thank you for reaching out.
As documented here, for confidential clients, recommended authentication flows are Client_Credentials, On-behalf-of, and Authorization_code. As you want to acquire token under user context, I would suggest you to go with Authorization_code flow rather than Password (ROPC) flow.
Please refer to below code to acquire token using Authorization_code and call a web API, which you can replace with your SharePoint API.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.