Thanks for the answer,
but maybe i wasn’t clear, my use case is not user-based authentication, my api will be called by another software so it’s non-user-based and this is why i want to use client credentials.
Also since there’s a limitation on the M2M tokens, i want to use regular web applications.
Regards