I’m sorry if that has been discussed before, but what I’m looking for seems pretty straight forward. I have a RESTful api that I would like to secure. Based on this post, it seems that I’m able to provide our vendors with the client id / client secret to obtain access to the restful API. (How to implement API keys using Auth0?). For the purpose of our API, it will be M2M.
My question is, how would I identify which vendor is logging in based on the client secret? It appears that I’m missing a step somewhere.
Any help would be greatly appreciated.