I know this is very late for this question, but, I feel more and more people are going to want to do this.  So here it goes: This requires The Client Id and Client Secret from Salesforce.  This explains how to do that.  https://developer.salesforce.com/forums/?id=906F0000000AfcgIAC  In your workflow you are going to do 2 HTTP Web Requests.  First you have to setup your Web service to Salesforce. 

You use your SF domain in the blacked out areas for either a test or production area.  Once that is set on the HTTP Web Request Select the Gear in the upper right hand corner.  

Click on the Request Headers and add this value pair

click OK. Click back on the gear.  Fill in the info below:

The Content Body:  Is this:  grant_type=password&username=SalesforceUsername&password=SalesforcePassword&client_id=SalesforceClientId&client_secret=SalesforceClientSecret

you can test the request and it should return you Auth code and other info.  To get the Auth code by itself I created a Token Calculator to isolate the Auth Code called SFAuthToken.

Now for the second Web request.  Select the same web service as before.  Click the gear in the upper right hand corner

Click the Request Header Area and enter the following Value Pairs

Click OK and then the Gear in the upper right hand corner

Add a track Tokens to the workflow then when you run it you can figure out what to parse based on what type of event or query you ran