We are allowing our customers to add their client id and credentials to generate never expiry token. We thought machine to machine use case fits this script but its working as allowing them to access the api but we are not able to get user profile information from token.
does anyone worked on the similar use case? I am looking for more guidance at this point.
A machine-to-machine token is just that. For machines to talk. They carry no profile information in them.
If you’re sure that a “never expiry” token is what you want (more likely, you want to allow apps your customers make retrieve their own access tokens, right) then perhaps just set the token expiry value to some huge amount of seconds.
If that sounds wonky, it’s because it is.
Yes, we are doing that. We are setting it to higher value for never expiry.
Is there a way to get client id from Machine To Machine Token? i think client id to user mapping , we can store.