Machine to machine best practice with multiple callers

I have an application using a machine-to-machine setting, hosted in AWS. This application will be called by multiple on-premise client applications. I would like to avoid sharing the same client ID and secret with all callers.
What is the best practice in this setup? It is not a SPA application, so no humans are involved.