Allow specific outside customers access to our API server with m2m machine to machine token

We are using machine to machine tokens to secure our internal application connects to our public API servers.

Now we want our external customers to be able to use their applications to connect to our public API using machine to machine tokens.

How do I begin to set this up? I’m really lost and I’m extremely worried that it cannot be done with Auth0.

Hi @dak2009,

You can issue your customers client credentials they can use to obtain M2M tokens against your APIs. You will then have control over what scopes those applications are able to use.

With that said, if you are planning on having a lot of customers, you could quickly run into entity limits and might want to explore other solutions.

We would be looking, at the most, a dozen untrusted M2M applications. Looks like that could put us over the limit for our current plan. Good to know now. Thanks!

1 Like

No problem, let us know if you have other questions.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.