Why does the documentation indicate that you shoudl not use this in production?
"If you need a session ID just for testing purposes during development, you can use the username-password OAuth flow"
It then says you can use SOAP for to get the token back to use with the REST API.  The SOAP login is just a username and password, just like the username-password OAuth flow.....  I'm currently loggin in with SOAP then callin the REST API for our back office integration only becuase of the documentation that seems to imply that death and destruction awaits those who use the REST login without dancing with OAUTH2.  Is this just poor documentation, or is there some real problem here?