Feature: View only M2M credentials on a per application basis
Description: When creating a user in a tenant, there is the ability to give “Editor - Specific Apps”, but not option for “Viewer - Specific Apps” or, even better, “Viewer - Specific Apps (M2M Credential Only)”. I think a way to fine tune existing or create custom roles for tenant members would be fantastic. For this specifically, it would be great to only grant access to view M2M credentials for a specific application or applications.
Use-case: I use the client credential grant flow (M2M) application type to allow for customers to access our APIs. Currently, it seems like the only way to give them that information easily is to send it via email or some other way that presents a security concern. I also have client relationship managers that could benefit from this type of feature to share information with clients for purposes of set up and/or troubleshooting where the rest of the information on the application screen is irrelevant to them (outside maybe the endpoints and grant types tabs). With something like this, I could give them least privileged access to specific applications in the tenant where they cannot change anything.