Thank you for your answer but do you think i did not read all that stuff before ?
I can not imagine how Oauth can be benefitial to me protecting my REST APIs when i have no form of user interaction with a browser. There is no login or whatever. Just a plain REST endpoint, therefore the only option are client_credentials grant or ressource owner grant. But do i really want my customers to put their login credentials in my client library for communicating with my API ? Is this real life ?
Thx