Client Credentials (M2M)

Properties

• No user involved. The sub claim is the client_id, not a user UUID.
• No refresh token. Worker just requests a new one when needed.
• No ID token. Pure machine identity.
• Short TTL (1 hour default). Cache and renew on expiry.

Where to learn more

• Integrate, OAuth2 client credentials
• Cookbook, M2M call from a worker
• Reference, OAuth2 grant: client-credentials