I have a SPA which is using Auth0 with Auth0 as the identity provider. I am building a CLI using which users would be able to automate tasks on our application. From what I understand, I should be using the Client Credentials Flow for this. Should I create a separate client application for each of my users? This doesn’t seem scalable.
Ideally I would want a long lived token which users can generate (and invalidate) from my SPA or generate a client ID and secret from my SPA (like the AWS CLI) and let users use that in the CLI to access the protected API.
What is the recommended way to go about doing this?