About
Client credentials is an authorization grant type.
The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to protected resources:
- under the control of the client,
- whom the authorization was previously arranged with the authorization server.
Client credentials are used as an authorization grant typically when the client:
- is acting on its own behalf (the client is also the resource owner)
- or is requesting access to protected resources based on an authorization previously arranged with the authorization server.