Client Credentials Flow with OIDC

The OIDC-conformant pipeline enables the use of the Client Credentials Flow, which allows applications to authenticate as themselves (rather than on behalf of a user) to programmatically and securely obtain access to an API.

This exchange does not exist in the legacy pipeline; instead, the Resource Owner Password Flow is used to simulate it by creating a service user. We strongly discourage this approach in favor of using the Client Credentials Flow, which allows fine-grained permissions to be defined for each API app.

To learn how to execute a Client Credentials Flow, read Call API Using the Client Credentials Flow.

Learn more