Managing dozens of non-interactive clients

Hello,

What is the appropriate way of managing authentication for dozens of non-interactive clients, which are not directly associated with users? For example, is there a way to administrate and group non-interactive clients that use client credentials flow?

The closest available tutorial I found uses the resource owner password credentials flow; however, this seems inappropriate because it’s mimicking a user.

We see here that Groups are supported for all clients except the non-interactive ones.

Device credentials are not first class citizens, relying instead on a user profile.

Thank you so much for any advice on the correct way to proceed with authentication of dozens of non-interactive clients.