I am looking to see if there are any best practices on how to enable my customers to create their own machine-to-machine application. For example, a user logs into my web application, then clicks a button to add a machine-to-machine application. They may do this multiple times. Each of these machine-to-machine applications would be associated with the one end-user, such that ONLY that user can view the client id and secret.
I basically do not want to create many, as Auth0 calls them, “machine-to-machine applications”, as I would be able to see any client id and secret associated with any machine-to-machine applications my customers (end users) create.
Essentially I am needing to create a database (i.e. Connection) that holds the list of client ids/secrets and associate them with an end-user.