I would like to know the best practice to authenticate m2m applications to my API. Currently I was using client access grant, but soon I ran to 80% of my quota.
My application is a serverless function, so caching the obtained token is not really possible without adding a memory cache to my infrastructure, so I was thinking about refresh tokens if they might help me out? I am thinking about having a refresh token with a validity of 30 days, but asking myself if generated access tokens will be counted in the quota or not?
Many thanks for your help.