Doing authorization for M2M app with client id/secret server (nodejs) receives an Access Token kind of
{
azp: 'yyyyyyyyyyyy'
exp: 1680175128
gty: 'client-credentials'
iat: 1680088728
permissions: ['some:perm']
scope: 'some:perm'
sub:'xxxxxxxxxx@clients'
}
Using this how could more details on a client app it self be resolved on a server side similar to
authClient.getProfile(accessToken)
how a user authorizations flow does. Since getProfile
is rejected with 401. So how some details could be resolved e.g.
- Name
- Description
- App logo
- App metadata
etc. to identify the app itself?
Thx