2.1.7.3.1 Client Credentials Grant Type

When to use: For non-interactive backend services or internal automation tasks.

Sample code

curl --location 'https://<idcs_domain>/oauth2/v1/token' \
--header "Authorization: Basic <base64Encoded clientid:secret>" \
--header 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=urn:opc:idm:__myscopes__'

Sample code with mTLS enabled

curl --location 'https://<idcs_domain>/oauth2/v1/token' \
--cacert ./ca.crt \
--cert ./client.crt \
--key ./client.key \
--header "Authorization: Basic <base64Encoded clientid:secret>" \
--header 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=urn:opc:idm:__myscopes__'

Sample response

{ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...", "token_type": "Bearer", "expires_in": 3600, }

For more details, see Client Credentials Grant Type