OAuthClient credentials flow

This flow is typically used when the client application needs to access its own resources or perform actions on behalf of itself, rather than on behalf of a user. Example: A backend service might use the Client Credentials Flow to access an API to retrieve data or perform administrative tasks.

The Client Credentials Flow is a grant type in OAuth 2.0 used by confidential clients to obtain an access token. In this flow, the client directly requests an access token from the authorization server using its own credentials (client ID and client secret), rather than on behalf of a user.

  1. The client sends a request to the authorization server's token endpoint, including its client credentials (client ID and client secret) in the request body.
  2. The authorization server validates the client credentials.
  3. If the client credentials are valid, the authorization server issues an access token directly to the client.
  4. The client can then use this access token to access protected resources on the resource server.

手順

  1. Complete steps 1-6 from create OAuth connection section.
  2. Select the Grant Type as Client Credentials Flow.

    Select Client Credentials Flowto perform API operations when the user not present, but application credentials such as client ID and client secret is exchanged for access token. You can also use this grant type to access OAuth protected APIs. As an authorized user you can configure the control room managed OAuth connections (outbound) to set the Client Credential workflow.

  3. Complete steps 8-12 from Create OAuth connection section.
  4. オプション: Enter Audience. The audience defines the intended consumer of the token. This field is enabled only if you have selected Client Credentials Flow as the grant type.
  5. Complete steps 13-18 to complete creating OAuth connection using this grant type.