Get tokens for OIDC application

ojas.kale · March 11, 2021, 6:28am

I want to create multiple apps whenever a user registers. I am using the following OIDC endpoint. from the docs, I am using this command to do so.

curl --request POST \
  --url 'https://MY-DOMAIN/oidc/register' \
  --header 'content-type: application/json' \
  --data '{"client_name":"My Dynamic Application","redirect_uris": 
  ["https://application.example.com/callback", "https://application.example.com/callback2"]}'

This app has the type of generic. Now I want to use client credentials flow to get tokens since I have client_id and client_secret. first of all, is this possible? or do I have to use any other flow.

When I try the client credentials flow, I get the following error message

Grant type ‘client_credentials’ not allowed for the client.

How should I approach this problem?

ojas.kale · March 11, 2021, 6:50am

Looks like client credentials flow can only be used with Machine to Machine Applications . So a follow up question is can I use OIDC command mentioned above to create Machine to Machine Applications .

ojas.kale · March 11, 2021, 12:15pm

I have got the answer for this we to Create client grant of scope client-grant. After this I get the token with permissions client-grant

Now looking for how can I add specific permissions to this token.