2.1.7.3.1 Client Credentials Grant Type

When to use: For non-interactive backend services or internal automation tasks.

Sample code

curl --location 'https://<idcs_domain_url>/oauth2/v1/token' --header "Authorization: Basic $encoded" --header 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --data-urlencode 'grant_type=client_credentials' --data-urlencode 'scope=<scope_value>%20urn:opc:resource:expiry=3600'

Sample code with mTLS enabled

curl --location 'https://<idcs_secure_domain_url>/oauth2/v1/token' --cacert ./ca.crt --cert ./client.crt --key ./client.key --header "Authorization: Basic $encoded" --header 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' --data-urlencode 'grant_type=client_credentials' --data-urlencode 'scope=<scope_value>%20urn:opc:resource:expiry=3600'

Sample response

{ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...", "token_type": "Bearer", "expires_in": 3600, }

For more details, see Client Credentials Grant Type